“Covid-19 pandemic has accelerated the adoption of work from home practices, thereby putting tremendous pressure on IT Security teams to safeguard and improve home cyber security posture in a very short time.”
Security Advisory
Shieldify offers consulting services to organizations and helps them develop Holistic Cyber Security Strategies as per the latest Global Standards. These include:
Information Security Management System – ISO 27001 - 2013
General Data Protection Regulations – GDPR
Business Continuity Management System (BCMS) – ISO 22301
The National Electronic Security Authority – NESA (United Arab Emirates)
Systems Organizations Controls – SOC 2
The Payment Card Industry Data Security Standard – PCI DSS
Health Insurance Portability and Accountability Act – HIPAA
Information Security Gap Assessment
- Shieldify undertakes gap assessment studies against global standards such as ISO 27001, GDPR, PCI DSS, HIPAA, NESA and others
- Shieldify understands your business goals and the information security objectives aligned with those goals
- We identify the objectives for “User Entity” and “Service Organizations.” Once these are identified, we perform a gap analysis against applicable SOC 2 controls and risks
- From a GDPR compliance point of view, we identify information and data sources. Once they are identified, we carry out a detailed impact analysis of a data breach. We test currently implemented controls to verify whether they lead to a data breach of PII (Personally Identifiable Information)
- Shieldify works with organizations which handle credit card data and prepares them for PCI DSS certification. Our consultants map out the business flow, scope the system to understand how credit card data is stored/processed and identify gaps against the required standards
- Shieldify consultants prepare organizations for the implementation of best practices defined by BCMS – ISO 22301. It starts with us understanding an organization’s business objectives and business continuity objectives. Once this step is completed, we complete a gap assessment between the current state of the BCP and the stated goal
- Shieldify offers HIPAA compliance consultancy services to IT companies who work with HIPAA covered entities in the capacity of “Business Associates.” Our engagement starts with identification of sections of an organization that need HIPAA control implementation, assets that need to be covered and gap analysis against the standard
Control Assessment
- Shieldify consultants will work with customers and test various controls their organizations have implemented against different standards like ISO 27001, GDPR, HIPAA and others
- Shieldify provides a detailed report which showcases gaps against the requisite controls
- These gaps will become the starting points to building a proper risk matrix for the organization after a detailed risk assessment exercise
Threat Risk Assessment
- Every organization has a unique exposure to different types of risks. It depends on the nature of the business they are engaged in, regulatory framework that is applicable to their enterprise, statutory rules they have to comply with and finally the obligation they have towards various stakeholders – employees, customers, vendors and other partners
- Shieldify consultants will weigh these risks against their impact on your organization and come up with a risk assessment matrix that is tailor-made for your business
Development of Policies and Processes
- Sustainability is the biggest challenge with any Information Security practice implementation
- Without robust policies and processes in place, management systems may fail to deliver return on investment from information security technologies
- Shieldify consultants work with organizations and implement policies and processes which help them meet and sustain requirements of standards such as ISO 27001, GDPR, PCI DSS and others
Security Governance Framework
- Information Security Management Systems will not work if there is no buy-in from senior management of the organizations concerned
- Shieldify consultants think business first and look at Information Security Management System – ISO 27001 – 2013 as a harmonized interplay of technology, process, and people with a strong push from senior management
- Shieldify works with CXOs to put together a Security Governance Framework to take care of information security needs as well as the legal, regulatory, and statutory needs, which are of topmost priority to the company’s board
Security Program Implementation
- Shieldify has partnered with OEM vendors and other managed security services providers
- Shieldify takes the programs designed and manages the effort to implement the information security system for our customers
- Shieldify builds a regular audit and maintenance cadence for the organizations so that information security programs are maintainable and sustainable