Legislative requirements, leading Information Assurance (IA) practices, operational constraints and corporate strategic direction are just a few key elements addressed when developing effective technology security policies and IA programs. Tapestry Solutions can take an existing program and strengthen it to meet its customers’ corporate security objectives, or custom-tailor a new IA program—complete with roadmaps, milestones and metrics that align with a client’s strategic intent. Experienced IA engineers will provide technical guidance to new and existing Information Technology (IT)/IA Security Managers and help them establish and maintain viable security programs. Some of Tapestry’s IA Policy and Security Program service offerings include:
- Development of IA-related Policies:
- Acceptable Use for Corporate Technology Infrastructure/Assets
- Security Patch Policy Management
- Technology Security Training
- Audit, Logging and Monitoring
- Encryption
- Portable Electronic Device (e.g., flash memory thumb drives)
- Privacy Protection
- Anti-Piracy/Software Assurance
- eDiscovery/Data Retention/Federal Rules of Civil Procedure (FRCP) Compliance
- Information Handling and Marking
- Identity Management
- IA Program Design and Maintenance
- Develop Roadmaps to Customer-specified Security Milestones and Objectives
- Define and Recommend Risk Mitigation Strategy
- Identify Compliance Security Goals that Address Industry-specific Mandates
- Produce Due Diligence Documentation for Legislative Security Mandates
- IA/IT Security Capital Investment Planning and Return on Investment (ROI)
- Funding Strategies for IA/IT Security Initiatives
- Create Presentations that Target Board of Directors/Senior Management for Executive Buy-in and Approval of Technology Security Projects
- Establish IA and Security Metrics and Appropriate Reporting Processes