Print PDF

Security of users and data

Security of the system, its users and the data used in daily work is an integral part of the development policy of every company. However, the case that the company is able to address all aspects of its security by itself is rare, therefore, in most cases help must be sought from the outside.

COMBIS is fully aware of today's security challenges that IT systems of various sizes and complexity are facing. To help businesses to respond well to challenges, and following current trends and technologies, COMBIS provides services of design, construction and maintenance of various security systems for specific customer needs.

All security solutions provided by COMBIS will easily be integrated into existing infrastructure, which will result in increased productivity and quick return on investment.

  • Malicious Code Protection at Workstations, Servers and Applications

As today classic antivirus solutions no longer meet the minimum requirements for protection of workstations and servers, manufacturers have started to create modular packages named Endpoint Security.  Such package, along with an antivirus module, typically includes a firewall, a spyware detection module, an intrusion prevention module (HIPS), an application monitoring module, protection for physical and virtualized environments, etc.

  • Spam Protection

The security solution in COMBIS' portfolio will not only provide quality protection from unsolicited mail (spam) and malware (viruses, worms, trojan horses, etc.), but also implementation of advanced policies that control inbound and outbound e-mail. Other advanced features include the ability to encrypt outgoing messages and activation of the so-called DLP (Data Loss Protection) modules with predefined policies for the control of sensitive content, such as credit card numbers and the like.

  • Web Traffic Control and Protection

The security solution in COMBIS' portfolio will address three potential issues at once: it is designed to protect users from malicious content while providing a detailed analysis of traffic for each individual user, including simple procedures for the creation of reports based on numerous key words. The caching functionality for standard web pages, as well as for some live streaming content, will prevent clogging of the Internet connection when audiovisual content needs to be viewed.

  • Public Key Infrastructure (PKI)

In cryptography, PKI is a mechanism that will link public keys to the individual user by means of CA (Certificate Authority) organization. Connectivity is provided through registration processes and issuance of certificates, which, depending on the security level, may be executed in CA entities or under human control.

The implemented PKI solution will provide the following functionalities:

  • Digital document signing
  • Protecting e-mail from unauthorized reading
  • Providing secure links between several computers
  • Additional method of user authentication by means of smart cards
  • Reliable access to network resources, including remote access, VPN, wireless authentication
  • Document encryption...

The PKI infrastructure is the basis used to build other applications, systems and other network security components.

  • Content Encryption

Due to the advent of new technology and drop in prices, data protection on laptops and storage devices is an increasingly important factor in system protection. Sensitive data must be protected from theft or loss regardless of their location. This calls for implementation of an encryption system that will cover all media used to transmit sensitive information – whether on laptops, USB disks, or electronic mail.

  • Log Management

A log management solution is typically used for collection, organization and archiving of server, application and network equipment logs. In addition to logs, the same solution will provide generation of various reports and event notification in the IT environment. It is used by small and medium enterprises that have a need for a centralized collection of logs due to auditor requirements and the like.

For larger enterprises, a SIEM solution is recommended. A quality SIEM solution must provide more advanced features such as log correlation (relating events from logs of various devices / servers), incident handling and generation of advanced reports, either for audit purposes or to comply with safety standards.

COMBIS offers both solutions which can be further customized to meet the users' needs.

  • Multiple Authentications

Providing access to systems and resources from the outside has always been a challenge for any company regardless of its size or complexity of its infrastructure. As the password has long been recognized as an insufficiently secure means of authentication, the system must be secured in another way, which is most often done by implementation of multiple authentications.

The Combis solution offers a wide selection of authentication devices that will satisfy every need. All types of tokens are available, USB tokens with smart card functionality, smart cards and readers and digital signature devices.

By means of software packages, all these products can be integrated into systems such as Citrix, Windows Desktop, Web applications, various types of VPN server, firewall and other network devices.

The solution will support integration with Radius systems, Active Directory and numerous web applications (supporting the SOAP protocol), and will provide strong authentication for Cisco network devices, MS TMG Server, MS Exchange OWA, MS Windows Desktop, various SSO solutions and Citrix. The solutions are usually offered along with solutions for automatic access to resources (SSO), Identity Solutions (Tivoli) and PKI (Public Key Infrastructure) systems.

  • Single Sign-On (SSO)

Companies with a larger number of employees and a larger number of applications which must be used simultaneously will sooner or later find themselves spending more and more time with password administration.  However, there is a cure for it. In its portfolio, COMBIS has a Single Sign-On solution which will quickly and effectively resolve the issue of centralized and unified user access to all of the applications they need. This solution will allow rapid profiling of all applications, without a scripting requirement. In addition to the SSO component, this solution also includes an authentication component, which means that in addition to the initial login to the system, apart from the password, it will support various identity verification methods by means of tokens, smart cards, biometrics, etc.

The COMBIS Single Sign-On solution will increase safety and introduce strong authentication methods, while allowing users to use strong passwords in their work with applications without having to remember them.

  • Access Control

Companies that primarily use contractors to maintain their system, often have problems with access control and with identifying who was doing what and how much time they have spent on it. Financial institutions (banks, insurance companies) particularly wish to keep track of who did what on servers that house critical services.
COMBIS is able to offer a solution that provides the option to record and later review activities on workstations and servers. Monitoring is possible either by the user using the infrastructure directly via console or by connection via Terminal Services, Remote Desktop, Citrix, VDI, VMware View, or some other tool for remote access to infrastructure.

In addition to event pictures, the data collected include meta data such as the names of applications run during operation, file names and other elements.

  • Identity Management

Companies with many employees and a larger number of diverse applications tend to have problems with user account management, due to the large number of users and applications.

A quality Identity Management solution will improve security, introduce order and clear procedures in the handling of accounts and provide centralized management of all user accounts of different applications in one place. The numerous benefits include automation, i.e. the automatic launch of procedures for the creation of new accounts or cancellation or alteration of existing ones, as well as the possibility of accurate definition of user profiles and privileges assigned to the individual system user, along with a simplified approval process and the possibility of administration and approval delegation.

Identity solutions will often be linked to so-called SSO (Single Sign-On) systems, thus making it possible to round out the picture and provide the customer with a complete authentication, authorization and Single Sign-On solution.

  • System Security Level Analysis – Vulnerability Scanning and Penetration Testing

Vulnerability scanning must include checking of all IT system segments (servers, workstations, network equipment, network printers, operating systems, web applications) to identify vulnerabilities in any part of the system.

Since timely identification of vulnerabilities means that they can be analyzed and removed, regular checkups of this type will reduce the chances of a successful attack and compromise of information from the outside or inside.

Moreover, given that regular vulnerability checks are necessary for compliance with most security standards (PCI-DSS, ISO 27001), it is also essential that the generated report contain all elements required by audit.

Penetration testing has become an integral part of every quality security policy, and is also included in the mandatory requirements for PCI-DSS.

For penetration testing, COMBIS employs OSSTMM and OWASP methods which are recognized by international companies and security experts. The tools used for manual penetration testing are recognized and proven "open source" tools, unless the customer requests that a specific tool be used, in which case the customer must own or purchase such tools.

  • Security Solution Maintenance

Thanks to a sufficient number of trained and certified professionals, COMBIS can offer 24x7x365 maintenance in all the required forms.

  • Assistance in Coordination with Security Standards

Thanks to its experience and previous projects, COMBIS is able to offer its customers assistance in coordination with various standards such as PCI-DSS or ISO27001. Such support will include system analysis, proposal of hardware and software solutions that may help in the harmonization process or consulting in the subject matter with regard to preparation of documents.
Top of page prijava test