For Small and Midsize Business IT Systems: CISSP Certified Security Expertise
Progent can provide access to of security professionals who have qualified for CISSP certification. CISSP certification recognizes mastery of a global standard for network security. American National Standards Institute has granted the CISSP certification formal accreditation in the field of information security under ISO/IEC 17024. This represents the first example where an information technology credential has earned ANSI approval. CISSP is formally approved by the United States DoD in both their IAT and Managerial categories. CISSP has also been approved as a standard for the U.S. NSA's Information Systems Security Engineering Professional initiative to secure the National Information Infrastructure (NII).
Progent can provide a CISSP-certified expert to help your company in a variety security areas including:
Security Administration Practices
Security Architecture and Paradigms
Access Management Systems and Processes
Applications Development Security
Secure Operations
Physical Security
Data Encryption
Telecommunications, Network and WAN Security
Business Continuity Planning
Crime Law, Investigation and Ethics
Security Management Practices
Security administration involves the identification of an organization's information assets and the creation, documentation, and implementation of policies, procedures, standards. Management techniques such as information categorization and risk analysis can be utilized to determine potential attacks, classify valuable data, and rate system weaknesses so that effective measures can be put in place.
Security Infrastructure and Models
This involves the principles, structures, and standards used to design, track, and secure OS platforms, hardware, networks, and application software plus the tools utilized to enforce various levels of robustness, consistency, and privacy.
Access Control Systems and Processes
Access controls are a collection of technologies that work in unison to build a security architecture to guard the assets of the information system.
Software Development Security
This involves the key security principles that apply to software development. Software development security outlines the circumstances where software is planned and developed and explains the critical role software plays in providing IT network security.
Secure Operations
Operations security has to do with identifying the management of hardware, media, and the technicians and administrators with access privileges to these resources. Audit and tracking are the mechanisms and techniques that allow the identification of security-related events and follow-on efforts to identify the key factors and convey the pertinent information to the appropriate person, team, or mechanism.
Physical Security
Site security addresses security mechanisms for the whole facility, from the outside perimeter to the desk, including all of the IT network resources.
Data Encryption
Cryptography covers the principles, techniques, and methods of cloaking information to preserve its consistency, confidentiality, and authenticity.
Telecommunications, LAN and Internet Security
This area involves:
Network Infrastructure
Transmission methods
Transport protocols
Security measures used to ensure reliability, integrity, and confidentiality
Authentication for transmissions over private and public communications networks and media.
Business Continuity Preparedness
The Business Continuity Plan addresses the preservation and restoration of commercial activity after network disruptions.
Law, Investigation and Ethics
This involves:
Information system crime laws
The procedures followed and mechanisms utilized to solve information system crime incidents