Lost your USB Key or Laptop with client confidential data?? Data hacked with your client data? Is your encryption, miltary class?
Threats to IT infrastructure come in all shapes and sizes and from all areas of the firm's business. QueryPoint has the expertise and the track-record to help clients to protect their networks and data from both external and internal security threats. IT security has never been as important as it is today. With hacking tools now widely available, law firms need to take every precaution to protect themselves from external as well as internal threats.
QueryPoint provides a comprehensive range of security services centered around the security assessment and architecture of critical IT infrastructure. Our services have been specifically designed to assist law firms identify and evaluate security risks, and to design and implement security solutions which mitigate any exposures.
We help law firms create IT infrastructure security policy by assessing the risk to the network and building a team to respond. We help you implement a security change management practice and monitor the network for security violations. All our Network Security Services are based on preparation , prevention and response to threats.
We have years of experience of defining and implementing IT security policies, and are familiar with the types of security issues faced by small and medium-sized businesses. Specifying security solutions and policies requires expert input. As systems become increasingly interconnected, there are more potential threats to IT networks and critical business data.
Prior to starting a managed service contract for IT Security, we conduct a detail Risk Analysis. We identify the risks to your network, network resources, and data. The intent of a risk analysis is to identify portions of your network, assign a threat rating to each portion, and apply an appropriate level of security. This helps maintain a workable balance between security and required network access. We assign a risk level from Low to High to core network devices, distribution network devices, access network devices, network monitoring devices ( SNMP monitors and RMON probes), network security devices (RADIUS and TACACS), e-mail systems, network file servers, network print servers, network application servers (DNS and DHCP), data application servers (Oracle or other standalone applications), desktop computers, and other devices (standalone print servers and network fax machines).
We then assign an account dedicated Security Team led by a Security Manager. Our security experts are aware of the security policy and the technical aspects of security design and implementation of each individual client. The Security Team liasons with your staff for approval of security change requests, reviews security alerts from both vendors and turns plain language security policy requirements into specific technical implementations.
Our specialty in Security Managed Services, is preventing IT infrastructure security threats by constant monitoring of the IT infrastructure. We focus on detecting changes in the network that indicate a security violation. At the time of setting up Risk Analysis we determine what are considered violations and base our monitoring on preventing these violations that are threats to the system. There is constant change to the network environment, with this change in your application/networks, the security requirements also change all the time. We monitor low-risk equipment weekly, medium-risk equipment daily, and high-risk equipment hourly. Once our network monitoring software detects the violation, it triggers a notification to the operations center, which in turn immediately notifies the security team.
Once the security team is notified, it immediately sets into action a response to the threat. At the time of risk analysis and policy setup we determine the response to each intrusion and the extent of response. This makes responding to an intrusion much more manageable and immediate. Next we define the level of authority given to the security team to make changes, and in what order the changes should be made. Corrective actions are taken implementing changes to prevent further access to the violation, isolating the violated systems and shutting these systems down. The Security Team also takes preventative action by informing the legal authorities as well as contacting the Carriers involved if any.