IT security services

Company-internal processes inside companies are typically computerized to the utmost extent these days, consequently companies and institutions are more depending on the IT systems serving their business activities. On the other hand though, IT security generally lags behind the development of IT systems, therefore its deficiencies are mostly just revealed in the case of a security breach. Having realized this, Fornax Co. was one of the first companies in Hungary to establish its information security group in 1999. This group has reviewed the internet and network security of several major companies since accordingly it has a reliable knowledge base and expertise.

The team that deals with information security and more specifically with IP security system testing, prefers and applies “manual” inspections rather than automated, software-based testing. By approaching things similarly to the way malicious attackers would, they explore the security gaps back-doors resulting from errors of the various systems, then give guidance on how to eliminate and fix these errors. During inspections, the differences between various regulations, policies, procedures (taken as basis) and the actual conditions are reviewed.

Fornax Co.’s experts, who have an outstanding know-how and experience relating to computer intrusion control, place major emphasis on being permanently weel-informed about new technologies and procedures emerging in this field, thus keeping pace with methods introduced and used globally.

If requested, the efficiency of the error correction can be verified by a repeated security inspection.

Due to the rapid development of internet-based and other data communication methods, the IT knowledge base is expanding by the minute. Consequently more and more errors and security gaps are revealed continuosly keeping pace with which is a difficult task. Many of our partners shift this responsibility to Fornax’s Security Group.

Nowadays, companies tend not to devote sufficient attention to security based on the common misbelief that by buying a firewall all their IT problems can be solved.

Structure of the Corporate IT Organization

Trends show that IT organizations at companies are growing and becoming more and more diverse and complex. Companies frequently take the functionality of the IT systems as first priority, while security is considered to be of secondary importance. The reason is often the lack of sufficient human resource or expertise. The IT manager’s situation is also difficult, because in the case of multi-level organizations they do not have a complete overview of the work of the system administrators. It is not possible to control everything bit-by-bit; moreover this is not what system administrators are supposed to do anyway.

Printable version

IT Controlling serves to solve exactly these specific deficiencies. IT security activities and projects usually consist of three main phases. The first one is planning, which can be performed perfectly by consultancy firms. The second one is implementation, supposed to be performed by the suppliers. The third one is control, which, based on experience, in most cases receives very little attention.