Computer Security in Scotland -click for home page.

Active Net Steward- takes over where traditional firewalls STOP !

  

Online-edge ltd.

is pleased to offer World-Class DISTRIBUTED FIREWALL technology, in partnership with SecurityDesigners, to organisations in Scotland. The Active Net Steward Intranet Security system has been designed to protect against the largest recognised threat to corporate network integrity, the 70% of security breaches are from within the organisation..

CLICK HERE to visit SecurityDesigners.com website.

  

 

BS7799 – Information Security Management, Code of Practice – Paragraph 1

“Information is an asset which, like other important business assets, has value to an organisation and consequently needs to be suitably protected. Information security protects information from a wide range of threats in order to ensure business continuity, minimise business damage and maximise return on investments and business opportunities”.

BS 7799 is the internationally acclaimed British Standard which addresses the subject of Information Security Management. (Also known as ISO 17799). Information Security Management Systems (ISMS) are used to reduce the risk of sensitive information being misused, damaged or falling into the wrong hands. In the current climate, many people focus on information stored on computer systems but it is important for organisations to consider all forms of confidential information, including paper records and even conversations.

Part One of BS 7799 is a Code of Practice, based on the information security practices of blue chip organisations. It contains 10 sections and 10 key controls, which are either essential requirements or considered to be fundamental building blocks for information security.

Part Two of BS 7799, published in April 1998, is used as the basis for a formal certification scheme. It specifies requirements for security controls to be implemented according to the needs of individual organisations and contains over 100 controls derived from and aligned with the objectives and controls in Part One.

CLICK HERE for an overview of BS7799

 

  
HOW TO CONTACT online-edge -     WHAT TO DO NEXT -  
CONTACT online-edge

To contact us by post, our address is as follows:

online-edge Ltd.

The Old Smithy, 59 Lanark Road,

Crossford, South Lanarkshire,

Scotland ML8 5RE.

Tel (01555) 860113

Fax (01555) 860748

©2004, online-edge ltd.

 

If you would like assistance with any aspect of IT security, please call online-edge on (01555) 860113 and ask for our IT Security helpdesk.

To arrange a FREE initial consultation or onsite demonstration, or to request further information, click the link below to send an email:

Back to TOP OF PAGE

  
Disclaimer- Please note that information on this website is provided for general guidance only. online-edge Ltd. hopes that you will find the information helpful and easy to use, but it provides the information "as is" and makes no representations or warranties of any kind regarding it. online-edge Ltd. disclaims all liability of any kind whatsoever arising out of your use of, or inability to use, this website and the information contained on it. All trademarks are the property of their respective owners.
BS7799 Summary    
Requirement   Benefit
Information Security Policy  
Companies are required to set out a policy specifying the level of security that they wish to implement.   A target for an effective security system is created at the outset.
Security Organisation  
The structure of the organisation's security must be clearly mapped out.   Internal and external security requirements can be identified, monitored and controlled.
Asset Clarification and Control  
Information is assigned a value, reflecting the impact its loss might have on the organisation.   Levels of security, appropriate to the value of the information protected, can be implemented.
Personnel Security  
Staff must be trained in relevant areas that support the security policy (identifying breaches of policy, staff vetting, confidentiality agreements and individual responsibilities for specific tasks).   Security checks can be carried out on a regular basis, by everyone in the organisation.
Physical and Environmental Security  
The safekeeping of information, in all the environments where it is used or stored, must be monitored and controlled.   The risk of losing information through fire, burglary, flood etc. is minimised.
Computer and Network Security  
Documented procedures must show that current and new information is secure from loss, corruption or disclosure.   An ongoing security programme is in place to protect electronic information
System Access Control  
Particular emphasis is placed on those operating the in-house system and the means by which entry to the system is gained.   Unauthorised access to information can be controlled.
Systems Development and Maintenance  
All new systems must be tested and controlled away from the live environment.   'Back door' access to current information via a new system is prevented.
Business Continuity Planning  
A business continuity plan must be prepared and updated to assess security risks within current and revised working environments.   Awareness of all potential security hazards can be achieved and controlled.
Compliance  
The security policy must be audited to ensure that it complies with legislative and regulatory requirements.   The security policy must be audited to ensure that it complies with legislative and regulatory requirements.
Back to TOP of PAGE  
Disclaimer- Please note that information on this website is provided for general guidance only. online-edge hopes that you will find the information helpful and easy to use, but it provides the information "as is" and makes no representations or warranties of any kind regarding it. online-edge disclaims all liability of any kind whatsoever arising out of your use of, or inability to use, this website and the information contained on it. All trademarks are the property of their respective owners.