Security Assessment

Central to providing comprehensive Security Services is DSM’s Dynamic Security Methodology, which is a well-defined, fully scalable assessment process.  Based upon nearly two decades of systems integration and assessment work, it assures that each client’s assessment, regardless of scope, focus or business/operational circumstances, will yield reliable and repeatable results.  Our comprehensive approach gives customers the information they need to make sound security-related business decisions as well as provides a baseline for security management and measurement programs.

Flexible and customizable, our Dynamic Security Methodology results in a tailored risk profile prepared exclusively for each client. This profile ultimately drives a set of recommendations and practices most appropriate for the client’s environment be it general security, SOX, HIPAA, GLBA, etc.  These practices then become the roadmap for the organization, providing specific guidelines and implementation strategy for a continuous enterprise-wide IT security program.

Our methodology as depicted below is a four-phased approach that begins with discovery and culminates with a maintenance program.  Depending on the needs of the client, this methodology can be expanded or minimized to meet the client’s needs.  Overall, DSM looks at the entire IT environment, assesses the risks, creates a plan for securing critical vulnerabilities and threats and provides a solution for monitoring over time all of which are tied to your business needs.

Phase 1a - Discovery

Any comprehensive security program must begin with a discovery phase, whereby the various IT assets are identified. This can be accomplished both manually and automatically. DSM’s approach combines interviews with appropriate personnel, documentation review and automated scanning of your network. This data is then correlated, analyzed and presented to the organization to verify the detailed network environment.

Importance – Network identification or discovery is critical to any security program because it provides the foundation or current state baseline on which to evaluate the computing environment without omitting any critical assets that may have otherwise been inadvertently overlooked.

Differentiation – What makes DSM’s approach different than other competitors is that we employ several automated tools to help gather and document information quickly and cost-effectively.  This automation provides comprehensive system information in a fraction of the time and at a fraction of the cost as compared to a manual approach.

Phase 1b - Assessment

Once the computing environment has been identified, the systems must be evaluated from a security perspective. During this phase, we look for faults, performance issues, security concerns, threats, vulnerabilities and trending information. With this data, we can then provide you with a gap analysis between existing and desired state as well as high-level recommendations for remediation

Importance – Our assessment of your systems helps you highlight weaknesses that may compromise the security of your systems and mission critical information. It also provides you a framework for overcoming these weaknesses as related to industry standards and best practices.

Differentiation – DSM takes a system-wide approach and focuses on overall remediation and proactive problem-solving to give you the best solution for your environment. Many other organizations will simply focus on delivering a point solution and tactical response. DSM, however, focuses on “what is causing the problem” and delivers both a tactical response and strategic remediation.