ICT Security

 SecFrame
Information security management supporting tool compliant with BS 7799-2:2002. It has a built-in PDCA (Plan-Do-Check-Act) scheme on whose basis each institution can establish, document, verify, manage, and improve its own information security management system.

 information leaflet in PDF

Demo versions of products available from secframe@iss.pl


 SecCert
ICT security development and evaluation supporting tool, according to Common Criteria, for the evaluation assurance levels EAL1 – EAL4. It accelerates development and evaluation processes and reduces their costs.

 information leaflet in PDF
Demo versions of products available from seccert@iss.pl


 SecFile
Software ensuring security and confidentiality of stored files by encrypting them. It protects integrity of media-stored information, controls access to confidential information, prevents disclosure of information.

 information leaflet in PDF



 SecOffice
Application for encrypting and signing documents directly from MS Office (Word, Excel) and files from the local menu of Windows Explorer.

 information leaflet in PDF


 SecWebForm
System using digital signature to protect integrity and authenticity of data contained in HTML forms. The data collected from server-secured websites can be transferred to various applications, thus they can be useful in: Internet transactions, tax forms collection, exchanging data with public institutions, finances, e-banking, other transactions that require the sender’s identity confirmation.

 information leaflet in PDF


 Public Key Infrastructure

• Analysis of possible applications and PKI implementation strategy development
  
• Design of PKI implementation, including extra components: LDAP repository Time Stamps Authority (TSA) Online Certificate Status Protocol (OCSP)
  
• Design and implementation of Public Key Infrastructures with the use of solutions recognized on the market
• Working out documents required for PKI implementation
• Selecting hardware and software components, warranty and post-warranty service
• Consulting on solutions selection
• Trainings on PKI

  Information and services security policy

• analysis of clients’ business needs
• analysis of potential impact of incidents on business processes
• analysis of threats and vulnerabilities
• gap analysis
• general and detailed risk analysis
• preparation of security policy document and other related documents
• physical security design
• logical security design
• security policy implementation
• preparation of audit plans
• trainings and workshops according to clients’ specific needs

  Trainings

Trainings and workshops for end-users and producers of secure IT products, people responsible for information and services security, security officers, administrators, security systems users, managers, system designers, auditors, people who have access to confidential and sensitive information.
Topics:

• Security of ICT systems – basics
• Information security based on BS 7799-2:2002
• Security of Windows and Linux platforms
• ICT security development and evaluation according to Common Criteria (ISO/IEC 15408)
• Cryptography, Public Key Infrastructure
• Security of network systems and advanced information technologies
• Anti-terrorism
• Protection of personal data and confidential information