• Marking
• Application Development
• Employee Training
• Computer Networks
• Security Planning
• Security Examination

Security Examination

Over half the reported computer crimes originate inside the organization, and can lead to financial loss and third party liability for the employer. Outside threats are also a growing problem. Some experts estimate that up to 90% of all computers have been compromised by Viruses, Trojans, Worms or Spyware. Many users only become aware of these compromises when the computer slows down or crashes. AST can perform limited or full-scale examinations to investigate possible compromises. As well as a computer’s usage history. Computers are the property of the organization, and as such are legally subject to internal investigation. Employee notification and random computer examinations are an excellent tool to dissuade employees from misusing company resources.

Hardware and Software Security Measures

• Antivirus, Trojan and Worm Software: Antivirus software is an absolute necessity, because most outside attacks originate from malicious code. Even more important than the initial deployment of a good virus checking program is regular updates of the virus definition files.
• Antispyware Software: Spyware has in the last few years become even more prevalent than viruses. Up to 90% of all computers are compromised by Spyware. These instances of Malicious Code waste CPU time, RAM memory, bandwidth, and hard drive resources on virtually all unprotected Internet connected computers.
• Anti-Spam Software: There are several good anti-spam solutions available to both large and small organizations and families. Currently there is no complete Spam protection, but these products help to limit the amount of Spam that gets into your email box. Microsoft Exchange Server 2003 and Outlook 2003 have excellent SPAM protection built in.
• Firewalls: Inexpensive hardware and software firewalls are the best first line of prevention and defense against external intrusion.
• Scheduled System Upgrades: Good security is an ever-evolving war of new methods. Installation of system upgrades, patches and new methods of prevention, detection and response must be budgeted and deployed into any organizational security plan.
• Encryption and Digital Certificates: AST advises its clients about modern encryption and digital certificate methods that can be deployed to increase the privacy and security of data transmission via the Internet. Sensitive information should never be transmitted in pure text, because cyber criminals are constantly monitoring the Internet “sniffing” for important information.
• Intrusion Detection Software: Modern intrusion detection software warns of a potential breach without driving the network administrator crazy with false alarms. Newer products use artificial intelligence learning systems to develop a better method of notification of true attack events. These products lower the incidence of false alarms, and more accurately detect actual attacks.
• Intrusion Prevention Software: These protection products are rapidly advancing in their ability to detect and prevent attacks.