Security & Privacy

Do the terms HIPAA, PCI or Frank Dodd mean anything to you?  How about Personal Clouds, Internet of Things or Vendor Relationship Management?  Today’s IT systems require strong authentication, granular authorization controls, robust intrusion prevention and vigilant monitoring.  The more interesting question is, what do tomorrow’s IT systems require?

Most projects focus on intrusion prevention, authentication and authorization.  Although security is a specialist’s discipline, within the discipline these things are relatively easy.  Unfortunately, this is where most security projects stop.  In many cases it isn’t until somebody leaves the company on bad terms that access revocation is considered.

At IoPT we understand the full security life-cycle and will make sure your design considers:

  • User access revocation.
  • Role-based access control.
  • Key rotation and revocation.
  • Secure key creation and management.
  • Monitoring and alerting.
  • Logging and reporting.
  • Recovery and forensic analysis.
  • Identity and attribute management.