Home
 
Who We AreServicesContactPortal
Technical servicesProfessional ServicesHIPAA ComplianceAlliances and Partnerships

Thaumaturgix Security Enhancement and Control (TSEC™)

 TSEC Diagram

Introduction
Thaumaturgix Security Enhancement & Control (TSEC™) is a comprehensive suite of security service offerings that have been developed by the security, systems, networks, and operations experts at Thaumaturgix. TSEC forms an integral part of Thaumaturgix's core technology services and offers companies a customized solution for assessing and addressing their security needs across mission-critical network environments.

TSEC practices adhere to a basic principle, which is: It is virtually impossible to restrict or block access to an online system completely! Keeping this in mind, the goals of any TSEC engagement are to:

  • Deter intruders
  • Detect intrusion
  • Protect privileged information
  • Perform swift disaster recovery

TSEC™ Services
1. The Security Audit
Prior to undertaking any security implemen-tation, it is important to gain an understanding of the client's existing network environment and the nature of the data and services (public and private) that need to be secured. To this end, one of the fundamental services of TSEC is an in-depth security audit, which is typically con-ducted at the onset of any engagement. The TSEC team uses a combination of the latest security tools, tried-and-trusted Thaumaturgix methodologies, and Thaumaturgix's six-plus years of experience in systems and security to conduct the audit. The following areas are examined to identify vulnerabilities:

  • Perimeter Security of the Communications Network (includes Vulnerability Scanning)
  • Firewall Policy and RuleBase
  • Security of the Internal Systems & Servers
  • Applications / Services Security
  • Physical Security - Environment & Equipment
  • Personnel, Operational, Procedural (POP) Security Assessment
  • Penetration (Intrusion) Testing
The results of the security audit are presented in the form of a Risk Assessment Report, along with recommendations for remediation.

2. Security Remediations
Upon conclusion of the security audit, the TSEC team can remediate the vulnerabilities or assist clients in designing their enterprise security architecture. The TSEC team has extensive experience with a wide variety of hardware and software technologies and best-of-breed security solutions in the industry, including firewalls, virtual private networks (VPNs), secure certificate authentication, and public key infrastructure (PKI) encryption technologies.

3. Managed Security Services
Maintaining a secure network environment is an expensive proposition for most companies and requires a dedicated staff of experienced professionals to monitor and constantly enhance the security measures of their online systems and applications.

Instead of maintaining an internal team of full-time security specialists, the TSEC team can be retained to provide 24/7 Managed Security Services, including real-time manage-ment of the firewall, intrusion detection systems, periodic virus and vulnerabilities scanning, patch management, pro-active blocking of exploits, and on-going security consulting. When combined with the Incident Response Team support and the Real-Time Security Advisory (described below), TSEC's Managed Security Services provide the most complete security solution required for any mission-critical environment.

4. Incident Response Team (IRT)
TSEC can also provide expert support in the form of the Incident Response Team (IRT). The IRT is available on a 24/7 basis to be called in when a security breach is suspected. The IRT is comprised of security and operations specialists trained to deal with security incidents, intrusion detection and isolation, lock-down procedures and systems/data recovery. The IRT is an essential part of a comprehensive security solution and can be used both by clients with internal security specialists on staff to supplement their security plan and provide disaster recovery support, and by clients who wish to outsource a complete security solution on an ongoing basis (in combination with 24/7 Managed Services and RTSA).

5. Real-Time Security Advisory (RTSA)
Rapid advances in new technologies have brought about a slew of electronic security threats. New vulnerabilities are discovered daily and new exploits based on these vulnerabilities are freely available. In order to meet these constantly evolving threats, TSEC provides a Real-Time Security Advisory (RTSA) service. RTSA is a customized service based on the client profiles created during the security audit, and keeps companies abreast of the latest exploits which could potentially affect or compromise their business environment. Along with the advisory, RTSA also provides recommended courses of action to counter the threat.

Conclusion
TSEC has proven to be an invaluable resource for business entities that rely on a secure network infrastructure for conducting their businesses. TSEC services have been effectively used across several vertical domains, including online e-commerce initiatives, financial environments, and more recently in the healthcare industry for HIPAA compliance management.

See more information about our HIPAA Security service offering.

For further information about Thaumaturgix's TSEC services, please contact
Moses Merchant, Executive Vice President, at 212-918-5024, or
Charles Rawls, Vice President of Systems and Networks, at 212-918-5152.

Copyright © 2007 Thaumaturgix, Inc. All rights reserved.
Privacy Policy