CONSULTANCY

We are able to advise on a wide range of information security areas.
Whether you are building a new data centre, designing software packages or just need reassurance that your existing policies are adequate - or need updated, then Indelible Data are able to help. We get involved at every stage of the security process and our our services include:

• Banking.
Subject Matter Expertise analysing and assessing network and application vulnerabilities in order to maintain best practice procedures for patching the required systems in the correct order and in a timely manner (triage).
We helped conduct a huge project that involved taking data from several thousand servers internationally (using McAfee Vulnerability Manager), liaising with all the different platform and remediation teams, setting targets, baselines and compiling reports for Senior Management.
The office automation processes we developed to help the teams assemble data became vital to the success of the project - vastly improving the ability monitor and report vulnerabilities and action the required remedial work. This contract required Scotland Disclosure clearance and strict adherence to PCI, Sarbanes Oxley and ITIL

• Nuclear Supply Chain.
In line with ISO 27001, we have conducted a complete risk analysis programme and formulated policies and procedures to demonstrate that Information Security is of paramount importance when handling and sanitising commercial hardware that has originated from companies holding Sensitive Nuclear Information.
All business processes, software applications and telecommunications were audited and recommendations / implementation plans drawn up to commission a secure disaster recovery site to maintain availability of data processing functions.

• Software Houses.
These have clients who are large multinationals. We have been asked to oversee the implementation of ISO 27001 to allow them demonstrate their commitment to information security to help win and maintain contracts.

• Market Research Companies.
Developing strategies and solutions to secure the sensitive commercial information of high profile clients and personal details of participants. This involves developing training plans, writing policies and procedures, assessing Data Leakage, Firewall, malware and infrastructure solutions and making recommendations.

• Publishing Houses.
We have coordinated the PCI (Payment Card Industry) compliance programme to ensure sensitive data is handled and transmitted appropriately at the Head Office and remote sites. Conducting full gap analysis, risk assessment of business processes and forming implementation plans to instil a culture of security in the company and identify requirements to aid the selection of new software applications, physical access controls and network hardware.

• Online and mail order companies
Both local and national, have benefited from our ability to devise solutions to pressing IT security problems - many requiring a complete redesign of workflow and some benefiting from targeted adjustments to existing systems in order to meet PCI requirements.