DMZ Services, Inc.
News-Info |  Services  | Tools
 Security  | Systems
Security should begin in the planning stages, even before a projects starts.
  • Information should be classified according to who should have access, how it can be accessed (network pipe, email, fax, snail mail, ...), how such information can be transferred, how it should be destroyed, for how long it should be archived, how it can be stored, ...
  • Applications should be designed to not only achieve their function, but to also keep in mind the standard places insecurity occurs: session hijacking, password sniffing, buffer overflows, race conditions, ...
  • Servers should be deployed with full knowledge of what applications can give a local user higher levels of access, or allow remote users access through daemon applications into the system, ...
  • Policies should be defined for who has access, what type of information is in the application or server, what other policies are used/effected by the application/server/connection/etc., how access is authorized/authenticated, ...

However, like many institutions world wide, applications and servers are rarely built this way. For this reason, DMZ Services, Inc. offers a full range of Security Assessments. Ranging from a simple Internet Penetration test or Application Code Review to Multi-Site Electronic, Physical, and Social Engineering Intrusion Assessment. All Assessments are followed up with full in depth Reports and optional Policy/Information Definition and Documentation.

Contact us if our specialized consultants can help assess your security problems.

All content © by DMZ Services, Inc. & Whomever is listed in association with DMZ Services, Inc. All else GNU| Hosting with ZZServers

Search Search WWW Search Search