InfoSec
- Home
- InfoSec
Stay with Intellekt
Agile Data Solutions
Intellekt has the team to help you re-purpose and reposition your data fast. Our qualified data engineers and data science experts can collect, review, consolidate, clean, and structure a plan for AI analysis at Agile speed. Whether you are in the process of creating acentralized data lake, cleaning your data, or moving forward with advanced AI, we have the talent and process to help.
At Intellekt we deliver these Enterprise Grade Data services at Scale, Affordable and Variable Model customized to your needs and pace. Intellekt’s ML engineers follow the best validation process to authenticate the machine learning models developed through deep learning algorithms.
We provide unbiased Model Validation Services for machine learning with highest accuracy at affordable pricing helping AI developers to build an accurate model for different fields.
Layer Protection Approach
Layer 0: End User
• Background Verification and Employee Onboarding • Non-Disclosure Agreement and Awareness of the risks and compliance • Information Security Awareness Training & Assessments • Continued Updation About Phishing / Social Engineering Risks
Layer 1: Laptop/Desktop
• Hardening as per NIST Guidelines • Bit Defender Endpoint Detection & Response (EDR) • Encrypted Hard Disks • Information Security Aware User
Layer 2: VLAN Segment
• Physically Separated Infrastructure • VLAN Segregation At Firewall and Switch Port Leve • Monitored and Core Managed Switches
Layer 3: LAN Segment
• Policy Based Traffic Across the Internal Network • No Wireless Network Architecture • Independently Audited Infrastructure • Unused / Unassigned Ports are disabled
Layer 3: Perimeter Defense
• FortiGate UTM 600 D • Site to Site Encrypted Tunnels Using 3DES / AES Keys • Default Deny Policy With Only Specific Traffic Being Permitted • End-to-End secure network security architecture • VPN Gateway – For Site to Site Tunnel & WFH SSL VPN's
Delivery Center Information Security Architecture
Threat Intelligence Feeds
CMDB
Asset Inventory Master
WSUS
Windows Patch Management
FortiGate UTM
Perimeter Defense Gateway Firewall
Active Directory
Primary and Secondary Domain Controllers
Anti Virus
Centralized Console Management
Bit Defender*
Endpoint Security Management
M Pulse
HRMS for Employee Management
Processing Platforms
Log Monitoring
Ongoing
Analysis
Resource Monitoring
Patch Updates & Capacity Utilization
Vulnerability Management
Periodic & Ongoing Assessments
Actionable Outcomes
Alert & Remediation
Compliance Monitoring
Risk Based Dashboards
Asset Identification
Patch Management Status
Incident Management
WFH Monitoring & Management
Resource Utilization & Monitoring
Data Protection & Management
Data Security Framework
Information Security Policies
Access Control & Authentication
Data Encryption & Protection
Information Security Policies
Operations & Communication
Network Security
Application Security
Real-time Incident Management
Physical, Environmental & Human Resources
Regulations and Policy , Standards and Specifications
Security Assessments Frameworks, Technology Methods
BCP / DR
Compliance & Certification
Controls & Training
Risk and Compliance
ISO 9001 -2015 ISO 27001 - 2013 PCI DSS GDPR , HIPAA
Operations & Communication
Periodic Audits & Assessments
Risk Assessments & Mitigation
Monitoring & Management
Training & Information Dissemination
Infrastructure Support & Maintenance
Governance, Risk and Compliance (GRC) Framework
Key Areas
Governance
Risk
Compliance
Process
Policy & Procedure Definition, Gap Analysis, Baselining & Balance Scorecard
Risk Assessment Framework Setup
Performance Dashboard, KPI’s Periodic Audits & Exec Reports
People
ISMS Awareness, Rollout, Roles & Responsibilities
3rd Party Security Assessments, Contractual Compliance
Access Reviews Privileged User Compliance
Data
Data Governance, Ownership, Classification, Labeling
Data Risk Assessment, Cross Border Protection
PII, CHD and sensitive information
Infrastructure
Security Baseline (Standards Patches, Security Configuration)
IT Risk Assessment, Risk Mitigation
Security Configuration & Compliance, SLA’s Service Delivery
Applications
DevOps Management, Service Delivery,
Application Risk Management
Access Reviews, SDLC, ITSM
Internal Audit, Remediation, Health Check, Self Check Assessments, Readiness Assessment
Information Security Governance Structure
Standard Information Security Organization Structure in each delivery center
Core Information Security Committee at the Corporate Office
Visible Support, Direction & Resources
Reviews & Approvals On Info Sec Policies
Management Controls & Planning
Key Charters of Information Security
Security Approach for Our Customers
Foundation
Description
Existing Setup
Identity
Verify if the user has the needed rights to access the system or data
- Domain Controller
- Active Directory
- Multi Factor Authentication
- WSUS
Data
Protecting Data at Rest or Data in Transit through encryption, governance and access control
- Bit Locker is used to encrypt local hard disk through 3DES 256 Bit keys
- Site to Site Tunnel ( AES or 3DES 256 bit) using FortiGate UTM
Local Servers End Points
Continuous protection of information being accessed by the user from office or during Work From Home conditions
- Symantec / Norton Antivirus
- Bitdefender Ultra( Client mandate )
- AD Authentication
- MFA Authentication
- BitLocker Encryption
- SSL VPN Client
Applications
Securing the applications against any attacks through known and unknown patterns by identifying malicious behavior
- Site to Site VPN using 3DES Encryption
- Whitelisting of IP’s
- Hardened Applications
- Enabling Specific Traffic between Source and Destination Along With Particular Ports
- Vulnerability Management – Quarterly & Annual Independent Assessments
Certification
Implementing measures to be compliant and achieve certifications
- ISMS based policies to protect information
Lorem Ipsum is simply dummy text of the printing and typesetting industry
Lorem Ipsum is simply dummy text of the printing and typesetting industry