Security analysis & monitoring

Security analysis

In today's world, the importance of security in all aspects of business is increasing on a daily basis. The area of computer and network security is no exception.

Obviously, every business should be concerned about security. However, just as with bricks & mortar security, information security needs vary widely between different businesses. Therefore, the first and most vital step in improving any organisation's computer and network security is a thorough analysis of the specific security needs of that organisation (and of the efficacy of existing security measures in meeting those needs).

Whilst most off-the-shelf "security products" on the market today are at least reasonably effective in achieving the outcomes they are intended for, application of any of these products without prior analysis of the security needs of the organisation may or may not improve the organisation's overall level of information security (depending on the particular product and the particular organisation), and almost certainly will not meet all of that organisation's specific information security needs.

saosce offers a comprehensive information security analysis service, the end result of which is an assessment of in-place security measures and present security needs, and a set of recommendations for security measures to be implemented. These measures may include any combination of off-the-shelf and custom products (hardware and software), policy reviews and end-user training. Of course, saosce can also help your organisation implement the chosen solutions.

Remote monitoring and maintenance

Just as important to continued secure operation of an organisation's computing infrastructure as the initial security analysis and implementation of suitable security measures, is the ongoing monitoring & maintenance of the systems and networks being protected by those measures.

In the bricks & mortar world, since time began, technology in the security arena has been a constant race between those that create new security measures and those that create new ways of defeating them. The same is true of information security, but the race is run in the much faster-moving world of "cyberspace". No matter how good any security measure is today, someone, somewhere, in the not too distant future, will find a way to compromise it.

A good security monitoring and maintenance service is about timely detection when such a compromise has occurred in a given network (regardless of whether the exploit is publicly known yet or not), and the timely implementation of regular updates to security measures, as and when they become available (in the case of off-the-shelf products) and as necessary (in the case of custom systems, policies and user practices). These services are often coupled with general network and server monitoring and statistics services, which can help with the management and forward planning of systems and network capacity (see Computing infrastructure planning & establishment)

In the event of a security breach, providers of security monitoring and maintenance services also need to be well equipped for the provision of disaster recovery and forensic analysis services.

saosce is well positioned to supply all of these services. For a confidential discussion of your organisation's security analysis, implementation or monitoring & maintenance needs, contact saosce at, or for immediate action following a security breach, call the saosce disaster recovery hotline on (04) 3828-7866.