GLOBAL SECURITY SERVICES
SoftSages Information Security Services' strategy is based on a methodology called GSS (Global Security Services). This methodology involves effective and practical approaches to deal with the problems related to the Information Security area. GSS' main goal is to guarantee the existence of an ideal level of security throughout the environment. Besides, after the security deployment phase, the methodology provides continuous processes to keep and even increase the protection level previously achieved.
An ideal security level cannot be achieved only through products and policies. The concept of real security can only be obtained using specific methodologies and processes driven by specialists. GSS was created based on the company's experience in projects where, despite large investments previously performed in security products and policies, the analysis of the security level presented results below the company's expectations, especially due to the lack of effective processes and practical standards.
In the past years, many products have been under the highlights on the Security field, as firewalls, anti-virus, intrusion prevention systems, proxies, and others. Although these are key products to establish a good security level in the company, our experience shows that most of the problems related to vulnerabilities are caused directly by misconfiguration or mistakes performed during the deployment of systems and services, or by the lack of processes that guarantee the compliance of such configurations to agreed standards. This is one of the reasons supporting the fact that GSS is not linked to specific products, and that in fact, it tries to minimize the investment by maximizing the results obtained from security products already deployed in the customer's network.
Many processes deployed by the GSS methodology are proactive, aiming to avoid problems even before they happen, by adopting continuous preventive measures.
The main benefits obtained from the GSS methodology are:
- Customized Security
- Large experience in complex security deployments
- Security training and awareness of administrators and users
- Proactive tools to deploy the security on the environment
- Continuous check of the Internet perimeter for vulnerabilities
- Team of security specialists available for new projects
In order to guarantee the company's investment in security, SoftSages Information Security Services invests considerably in the latest security technologies and certifications in the area.
This allows SoftSages to provide its services while adding to the knowledge of the customer's internal team on the field.
We know that in many cases the economy and market complexities interfere on the customers' ability to invest continuously to keep their own teams up-to-date on the security area.
This is exactly one of the points where SoftSages can add value to the services provided, where SoftSages own investments on security knowledge, and the use of an effective methodology, allows us to guide the efforts of the administrative teams towards a correct and effective path.
Through the GSS, the knowledge of our security specialist teams, shared with various vendors, research institutes, and customers, are used directly on the projects and shared with the teams, creating an economically viable option to the customer.
Besides, the GSS allows the customer to focus on its core business, by leaving the security-related solutions to SoftSages, which has security as its own core business.