GlobalWatch Technologies
Services

Security Programs to Support
Your Business Mission

Content on this page requires a newer version of Adobe Flash Player.

Get Adobe Flash player

GlobalWatch Technologies Services

Information Security Assessment & Compliance Services

Enterprise Risk Assessments

Every stable security posture begins with an enterprise risk assessment. GlobalWatch Technologies uses proven standards from recognized organizations such as NIST, ISO, and BSi to assess the criticality of information, network, physical and application assets in support of the business mission.

We reference the following standards in our work:

  • NIST 800 series
  • ISO 17799
  • BS 7799
  • NSA
  • Other Specific

Return To Top

Technical Security Assessments

Usually completed after an enterprise risk assessment, technical security assessments are performed to provide a clear and overall picture of perceived versus actual security posture. GlobalWatch Technologies performs all of the various levels of technical security assessments outlined below to ensure the best possible view of your security posture.

image

Vulnerability Assessments

Vulnerability Assessments are an assessment of your information systems, controls and procedures. We follow proven and accepted methodologies and procedures when performing these assessments such as the National Security Agency’s Information Security Assessment Methodology (NSA-IAM). We also utilize unique tools which greatly reduce the time it takes to do vulnerability and compliancy assessments while improving the management and tracking of the process.

GlobalWatch Technologies performs non-intrusive assessments as well as vulnerability scans that are more intrusive, but are thorough in their scope using industry standard tools as well as unique tools to give our customers the best value for their assessment dollars.

Penetration Testing

The next level of vulnerability assessment is much more intrusive to the system as a hands-on assessment of the controls and procedures currently implemented. Also known as a penetration test, the boundaries of the test and the metrics to measure success are defined before testing. It can take many forms and can be performed from many different perspectives such as internal, external, web and application. GlobalWatch personnel are well versed in all aspects of penetration testing and can wear white, gray and black hats during penetration testing exercises.

Design & Architecture Assessments and Review

A good security posture starts with a solid architecture. GlobalWatch Technologies performs an assessment on your system or software architecture before the development process begins. This is often the most cost effective time to catch security issues because the remediation is less time and resource consuming.

Wireless Network Security Assessment

Wireless networks are an increasingly expanding segment on enterprise networks. They can also pose the largest security risk to an infrastructure due to the inherent security flaws in their implementation. GlobalWatch Technologies specific wireless network expertise to assess your wireless infrastructure’s security posture. Our findings can then be implemented into a solid wireless security plan.

Return To Top

Compliance Assessments and Management

Compliance affects all organizations, both commercial and federal. GlobalWatch Technologies fully understands the intricacies and the multitude of interpretations these regulations bring with them. We also utilize cutting edge tools to automate the assessment process reducing the time to complete the assessments as well as increasing the management and visibility into the progress of the assessment project.

  • SOX-Sarbanes-Oxley Sections 302, 404, 409

    While Sarbanes-Oxley compliancy does not directly reference information security, section 404 dictates the integrity of financial systems and processes used in organizations, which typically fall into the realm of information security. It also tasks these organizations with assessing the effectiveness of its internal control structures. GlobalWatch Technologies assists you organization in measuring the effectiveness of its current controls as well as recommending and implementing additional controls to ensure and maintain compliancy.

  • HIPAA-Health Information Portability and Accountability Act

    Nowhere are compliancy standards more prevalent than in the healthcare arena. Whether it is the protection of Personal Health Information across system boundaries, or applying audit controls to the disclosure of that information, GlobalWatch Technologies provides the expertise needed for your organization to maintain its compliancy.

  • GLBA-Gramm-Leach, Bliley Act

    Also known as the Financial Modernization Act of 1999, the GLBA stresses the privacy and confidentiality of personal financial information. GlobalWatch Technologies assists your organization in assessing their current compliancy posture and recommending and implementing the necessary controls to assure your compliance.

  • FISMA-Federal Information Systems Management Act of 2002

    Federal Government Agencies are required to secure their Information Systems for face budget repercussions under FISMA. Contractors to the Federal Government who house or maintain federal data are also required to comply with FISMA. GlobalWatch Technologies, through it’s assessment, security technologies and integration, and management practices, ensures compliancy for your agency or organization.

  • Certification & Accreditation

    GlobalWatch Technologies has an excellent C&A practice that utilizes skilled personnel with a long history of C&A on federal systems for many different agencies.

  • HSPD-12-Homeland Security Presidential Directive-12

    GlobalWatch Technologies is uniquely positioned to assist agencies with HSPD-12 plans and implementation. We leverage our expertise in identity and access management and physical security to create actionable programs.

  • New and Pending Compliance Legislation

    Several new forms of legislation are in process targeting the prevention of identity theft, many with severe financial penalties for privacy data compromise. GlobalWatch Technologies follows this legislation closely and can help your company stay in compliance once enacted.

Return To Top

Application Vulnerability Assessments

Code Design & Review

GlobalWatch Technologies’ expert software engineers and architects assess your current applications as well as projects in development for security posture and overall attack surface.

Implementing Security Into the Software Development Life Cycle

GlobalWatch Technologies assists your development groups with implementing a security component into their software development life cycle.

Vulnerability Assessments for Applications

By focusing on the application architectures and methodologies, GlobalWatch Technologies helps eliminate current and future vulnerabilities that could be exploited in your applications.

Penetration Testing for Applications

GlobalWatch Technologies takes vulnerability assessments to the next level on beta and production applications. By doing an in-depth penetration test on applications, organizations can see currently exploitable weaknesses in their applications and fix them before they become a legitimate liability or cause a measurable loss to the organization. It also serves as a learning experience for internal development groups to see exactly where their code is weak from a purely objective security standpoint.

Remediation Services

GlobalWatch Technologies not only discovers problems in applications and systems, we can recommend expedient measures to shore up the security posture of applications. We recommend appropriate remedies for issues found or do the actual implementation and shoring using our own software engineering group.

Return To Top

Protect your company today.
Contact GlobalWatch Technologies for a free introductory consultation.