nGran offers a wide variety of specialized services, including security testing & assessments,
personnel training, and networking. Click on the appropriate links for more information.
|
Information Disclosure Sweep
An
Information Disclosure Sweep of the Web is designed to reveal any
confidential information that may lead to a compromise of the security
and integrity of a Company’s website. This includes vulnerabilities
that may NOT typically yield immediately valuable information or
control over a system but instead gives an attacker inside knowledge
that may help an attacker find and exploit other vulnerabilities.
|
 |
| Info Disclosure 2010 |
|
|
Security Testing & Assessments
nGran provides comprehensive data security testing to businesses around the world. Below is a brief listing of the thorough data security assessments we provide. For additional information, click the correlating subtopic button to the right.
|
Web Site Security Reviews: Test the strength of access controls for systems and application software of internal and external sites.
|
|
| Web Site Security 2010 |
|
|
Network Security Reviews: Testing to assist in the management and configuration of multi-site security based systems.
|
 |
| Network Security 2010 |
|
|
Security Audits: Evaluate technical, procedural and managerial elements of networking and systems environments.
|
|
| Security Audits 2010 |
|
|
Attack & Penetration Security Testing: Evaluates the strength of current security defenses from intrusions.
|
 |
| Penetration Testing 2010 |
|
|
Vulnerability Assessment: Detailed diagnostic of internal and external security controls.
|
|
| Vulnerability Assessment 2010 |
|
|
System Implementation: Installation, "system hardening," testing, configuration, and proof of concept for desktops, laptops, servers and security devices.
|
|
| System Hardening 2010 |
|
|
Security Awareness Training
With a thorough understanding of your business' needs, nGran provides personalized classes, videos, and security ceritifications, so you and your staff can stand strong at the front lines of your company's security.
|
This service is a customized set of courses with tracks for General & Administrative users, Technical Support and Developers. Courses typically run from 90 – 180 minutes in length. nGran will use your company’s Security Policies & Procedures along with your unique set of needs to properly tailor the course materials to your requirements. Demonstrations of “high risk” threats are included for all tracks with useful explanations at the appropriate skill level. In addition, all tracks provide “Best Practice” guidelines based on NIST SP 800-50, CERT & Department of Homeland Defense recommendations. Supplementary course materials include security questionnaires, glossaries, protection tools and approved processes to securely “surf” in today’s Internet environment.
All courses meet the training guidelines for:
Graham-Leach-Bliley Act Employee Training Requirements U.S. Federal Guidelines Under the 1987 Computer Security Act for Security Awareness and Literacy Training U.S. HIPPA Personnel Training Requirements
|
|
| Security Training 2010 |
|
|
Secure Network Designs: Provides secure LAN / WAN connectivity, architecture, recommended protocols, projected performance factors, component selection, carrier service recommendations, naming and address mapping, bridging, switching and routing schemes.
|
 |
| Secure Network Design 2010 |
|
|
Enterprise Network Planning: Business process mapping in technical, procedural and managerial areas, Technology reviews providing vendor analysis and migration scenarios based on industry specific best practices.
|
|
| Enterprise Planning 2010 |
|
|
Network Tests & Validation: Systems review to validate appropriate and necessary bandwidth and integrity for major applications running at defined sites. Network protocols and applications will be detailed and validated.
|
|
| Network Validation Testing 2010 |
|
|
|
Network Audit: Provides configuration details including, clients, servers, workstations, comm devices (bridges, hubs, switches, routers, etc.), server based software applications, network operating systems.
|
 |
| Network Auditing 2010 |
|
|
Site Recovery: Design reviews with disaster recovery and emergency planning, remote backup / recovery support, temporary site relocation and onsite CERT services, IT systems recovery.
|
|
| DR & Site Recovery 2010 |
|
|
Site Surveys: Documents systems with peripherals including, modems, printers, plotters, scanners and site map including physical location, connectivity type and logical map.
|
|
| Site Survey & Documentation 2010 |
|
|
|