IT Security Consulting Services
A Smart Approach to Compliance and Security Enhancement
AhnLab’s IT Security Consulting Service is provided by IT security experts, many of whom are Certified Security Professionals (CISSP, CPP) as well as certified IT product specialists. We analyze the security threat factors of businesses and organizations based on AhnLab’s experienced consulting processes to help you improve your IT security status against advanced threats, facilitate compliance, and efficiently reduce information security risk.
ASEM, the established security consulting methodology of AhnLab
AhnLab Security Engineering Methodology (ASEM) uses a general and systematic approach for analyzing threats in companies or organizations and establishing solutions accordingly.
AhnLab has been designated by the South Korean government as a “Knowledge Information Security Consulting Services Provider” and ASEM is a verified methodology that was awarded for “Software Engineering and Building Technology.” ASEM continues to improve over the years via various projects and consulting experiences. In order to deliver real business value to your organization, AhnLab IT Security Consulting Service presents the most helpful guidelines to clients by performing the following tasks
1. Supports core business and tasks
We analyze and evaluate the application system that supports the organization’s core business and tasks and the information infrastructure, and then present an information protection solution that will maintain the stability and reliability of the business.
2. PDSC analysis technology
Based on the method of PDSC (Plan-Do-See-Check), we evaluate your security system and current status to provide the best security countermeasures.
3. Component Based Process (CBP)
ASEM modularizes each process of security consulting services so that it can be applied to various environments and delivered with cost-effective results.
4. KPI (Key Performance Indicator) of security performance
We set the security level and goal for clients based on our established information security model and present the KPI of the security performance’s effect on the corporation or organization’s business goal or strategy performance.
5. Threat response scenario
We present an optimal information security countermeasure that has been verified based on a 5-stage scenario that identifies threats which could affect the corporation or organization.
AhnLab provides IT security consulting services in most areas including compliance, personal information, security systems, industrial facilities, mobile systems and mock-hacking as shown below:
1. Information security management system and certification (ISO27001)
The information security standard is intended to help establish and maintain an effective information protection management system. This will increase the credibility of companies. Security control selection in the security management system will also provide continuity and enhance standards in information protection.
2. Personal information protection
AhnLab’s consulting services inspect the personal information protection status of corporate systems and departments that deal with personal information and evaluate the managerial, physical and technical protection levels to establish a master plan for information security and to modify or enhance the information protection policy, guidelines and procedures. AhnLab’s consulting professionals use ASEM to establish a systematic personal information protection solution. They also design the physical and technical security architecture for sensitive information, and establish a system to continually enhance and maintain this architecture through a management process.
3. Integrated security assessment
AhnLab’s Security Assessment & Master Planning Group inspects the corporate security management system on the whole and presents a security solution for vulnerable areas. They inspect the client’s security status and issues based on the information security standard and provide an overall guide for security. This group of security professionals uses a checklist and tools based on the international security standard (ISO27001) and other related security standards to assess and evaluate the security standard of the company through interviews, and presents security solutions in terms of priority.
4. System security assessment
AhnLab’s consulting services examine the various threat factors that could affect the confidentiality, integrity and availability of important information systems (server, network and security system) they also evaluate vulnerabilities and present solutions for each identified vulnerability. These vulnerabilities are evaluated by type (server, network, information protection system, WAS and DB) according to the form of attack (remote or local), and inspected in the following order:
5. Penetration test
With the customer’s consent, AhnLab’s security experts conduct internal and external penetration tests based on AhnLab Penetration Test Methodology (APTM). We search the vulnerabilities of the client’s security systems and present the best countermeasures to prevent both internal and external threats and security incidents. The AhnLab Penetration Test Methodology (APTM) consists of 9 stages to ensure a systematic and x-objective approach.