IT Security is a discipline concerned with the establishment and implementation of security controls and practices that provides the means to protect sensitive information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. The discipline’s goal is to insure that information and information system’s confidentiality, integrity, and availability (CIA triad) is maintained in support of overall mission objectives.
This is accomplished by the proactive identification of vulnerabilities and the knowledge of how to effectively leverage proper tools in order to mitigate associated threats and achieve a high degree of information and infrastructure CIA. In addition to determining whether a firewall, an IDS/IPS, a HIDs, a spam filter, or another tool is required, the correct placement and integration of the tool along with the proper support model is needed to assure that the tool not only serves its purpose but does it in the most efficient and effective way possible. Without this process in place the information and underlying infrastructure that dispenses it can be left open to inefficiencies and exposures leading to its compromise, alteration, and destruction and causing the organization and its leaders to lose face and money in the process.
Le-Arnold’s IT Security Engineering consultants have over 20 years of combined experience in information and information security disciplines that encompasses application development, network and system integration and administration, network and system securitization, and enterprise infrastructure deployment and support. Selected clients include:
Assessment and recommendation on the improvement of organization’s network security infrastructure configuration and design
Protection of organization’s information and information systems from compromise
Prevention of cyber-espionage and development of strategies that minimize the leakage of Sensitive Security Information (SSI) and Personally Identifiable Information (PII)
Development of security standards and guidelines for organization’s information and infrastructure securitization
Development of sound security practices that effectively balance organization’s infrastructure securitization with end-user work requirements
Conducting research into new and existing security technologies to assess their application within the organization’s security framework
Investigating current and emerging threats and exploits and recommending applicable security controls to minimize or eliminate the risk of exposure