SECURITY SYSTEMS STRATEGY
The team at VDA Labs has the experience to assess your current security posture and help you define a strategy that will direct spending where you most need it. We can also help with configuration strategy.
HOW DOES VDA WORK WITH CLIENTS TO BUILD A SECURITY STRATEGY?
The first goal we have is to assess your current security posture. This can be done by active means, such as a penetration test, which is a great way to measure the base-line defensive position of your organization, or in a more general passive way through interviews and information gathering. We then use our decades of experience to make an assessment of your current posture to identify strengths and weaknesses.
Next we work to develop a prioritized road-map customized to your organization that will allow you to move the ball forward on security while gaining the most value for your investment. A critical component is impartiality – we don’t sell solutions for problems you may (or may not!) have, but provide unbiased advice.
WHAT DO WE LOOK FOR WHEN ASSESSING AN ORGANIZATION AND MAKING RECOMMENDATIONS?
Beyond our experience, there are a number of industry standards we can look to in order to evaluate the security posture of an organization. One of our favorites is the Center for Internet Security’s Top 20 Controls, the top five of which are listed below:
- Inventory of Authorized and Unauthorized Devices
- Inventory of Authorized and Unauthorized Software
- Secure Configurations for Hardware and Software
- Continuous Vulnerability Assessment and Remediation
- Controlled Use of Administrative Privileges