ISO 17799/BS 7799

• Counteract interruptions to business activities and to critical business processes from the effects of major failures or disasters

Overall IT monitoring of core resources and redundant or back-up site, including:

• Current faults reporting (current alerts)
• Availability reporting
• Latency
• Performance reports on network utilization, system O/S metrics, SQL, Exchange and Oracle
• Intelligent Windows event log monitoring for precise error identification

• Control access to information
• Prevent unauthorized access to information systems
• Ensure protection of networked services
• Prevent unauthorized computer access
• Detect unauthorized activities
• Ensure information security when using mobile computing and tele-networking facilities

• Vulnerability scanning
• Patch assessment
• Firewall monitoring
• Real-time intrusion monitoring: monthly summaries on use of admin. Password including; login/logout activity, failed login details; account modifications

• Ensure security is built into operational systems
• Prevent loss, modification or misuse of user data in application systems
• Protect the confidentiality, authenticity and integrity of information (specifies cryptographic controls)
• Ensure IT projects and support activities are conducted in a secure manner
• Maintain the security of application system software and data

• Automated security alerts, notification, and escalation capabilities
• Time-based escalations
• User-customizable threshold-settings to control and focus alerts

• Prevent unauthorized access, damage and interference to business premises and information
• Prevent loss, damage or compromise of assets and interruption to business activities
• Prevent compromise of theft of information and information processing facilities

• Asset reports automatically identify all moves, adds, and changes
• Notify on changes in access policies, changes in firewall configurations, router configurations, disk drive removals, and environmental
• Archive up to one year's worth of history

• Avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements
• Ensure compliance of systems with organizational security policies and standards
• Maximize the effectiveness of and minimize interference to/from the system audit process

• Use SOTEC Remote Monitoring to take a quick "snapshot" and baseline network activity to establish what constitutes "normal" activity for comparison purposes
• Better differentiate between denial of service attacks and legitimate increases or spikes in network traffic
• Aggregated firewall reports ensure firewall is in compliance with organization security policy

• Reduce risks of human error, theft, fraud or misuse of facilities
• Ensure users are aware of information security threats and concerns and are equipped to support the corporate security policy in the course of their normal work
• Minimize the damage from security incidents and malfunctions and learn from such incidents

• Real-time alerts help immediately assess what happened
• Windows intrusion monitoring provides monthly audit trails

• Ensure the correct and secure operation of information processing facilities
• Minimize the risk of systems failures
• Protect the integrity of software information
• Maintain the integrity and availability of information process and communication
• Ensure the safeguarding of information in networks and the protection of the supporting infrastructure
• Prevent damage to assets and interruptions to business activities
• Prevent loss, modification or misuse of information exchanged between organizations

• Overall IT monitoring of core resources and redundant sites
• Current faults reporting (current alerts)
• Availability reporting
• Latency
• Performance reports on network utilization, system O/S metrics, SQL, Exchange and Oracle
• Intelligent Windows Event Log monitoring for precise error identification
• Complete view of infrastructure and hosted applications to better isolate and predict problems before degradation of services

• Maintain appropriate protection of corporate assets and ensure that information assets receive an appropriate level of protection

• Asset reports discover, inventory and clarify what is actually running on the network