Management System Services
Information Security Services

Risk Assessment & Security Monitoring

NexCons provide Assessment and Monitoring Service to Protect Organizations' Most Critical Assets. We do the penetration testing service which is highly creating, out-of-the-box engagement often results in new vulnerabilities being discovered or new tool developed from such an exercise. IT and network security audit is an invaluable tool for customers, allowing them to get their systems together to protect from the majority and more dangerous internal and external threats. As part of a comprehensive assessment of your overall network risk, it's important to assess not only the physical and technological protections you implement, but also how vulnerable your organisation may be from your employees' Internet activities and the browsing habits on your internal network.

NexCons assesses risks on a range of assets, including: domestic and international industries offices; global contractors, suppliers and partners, and their offices; and intellectual property coveted by fraudsters, like customer lists, passwords and account numbers, and personally identifiable information (PII) on employees and customers.

We analysis uncovers a range of threats and recommends risk mitigation for problems such as:
  • Network policies for access rights to sensitive documents, USB drives and peer-to-peer (P2P) software installations
  • Localized physical and cyber threats, such as in-country hacker groups and organized crime schemes
  • Physical and logical vulnerabilities in networks, equipment, and facilities
Business Continuity Management
Risk and business continuity management is, without doubt, due diligence. Planning for crisis or disaster is an aspect of management that can only be short changed at your peril. However, it is a complex science, and not a five minute job. There are of course a range of tools to assist and to help create process. However, until relatively recently, there has been little effort to create a generally accepted framework.

BSI, in conjunction with the BSI originally published a guide which established the process, principles and terminology of BCM. Specifically, PAS 56 described the activities in and 'outcomes' of establishing a business continuity management process, and provided a series of recommendations for good practice. It provided a generic management framework for incident anticipation and response, as well as describing evaluation techniques and criteria. It was produced through the British Standards Institution. The sponsors were the BCI and Insight Consulting, although a number of other organizations were consulted during the development, including Sainsbury's, EDS, The Post Office and the OGC.

The Emergence of BS25999
In November 2006 an official standard was published to replace PAS56. This was BS 25999-1. It was produced through the British Standards Institution (Subcommittee BCM/1/-/2), which constituted representatives from a number of organizations and industry bodies. Others were additionally consulted during the development. A year later, in November 2007, a second part was published, stemming from the same subcommittee.

Is It A Standard?
Yes. In fact BS25999 actually embraces two standards: BS 25999-1 and BS 25999-2. The former is a code of practice (which is the document based upon PAS56, as described above) and the latter is a specification for business continuity management. It is also important to understand that a standard does not purport to include all the necessary provisions of a contract.

So What Is It For?
It is intended to provide assistance to the person responsible for implementing business continuity management within an organization. It describes a framework and process for the Business Continuity Manager to use and offers a range of good practice recommendations. The second part can also be used to assess an organization's ability to meet regulatory and other requirements, and as such is the basis for certification.

Hopefully this website can offer some instruction and background. Please feel free to browse the pages above.

Please ask for quotation
eIndiaBusiness Member