Identity and access management (IAM)

The purpose of IAM is to ensure that the right person gets access to the right information at the right time. In this way, new deals and collaborations are made possible, while information security is retained or even reinforced. We have a comprehensive offering in the IAM field and will help you with every step along the way, from setting up an IAM strategy and analyzing your processes and operations, to defining roles and other vital attributes for effective access control. Of course, we can also participate in implementation, with identities managed through automated and quality-assured processes throughout the lifecycle.

PCI DSS

PCI DSS (Payment Card Industry Data Security Standard) is a security standard in the payment card industry that serves to protect payment card data. Our consultants have been working with PCI DSS since it was established in 2005 and we have also been involved in developing the standard. With experience from global retailers, service suppliers, banks, and incident investigations, we have encountered all manner of issues and know which solutions work. We are also accredited to perform reviews as a Qualified Security Assessor (QSA).

Tailored ISMS

We can help your organization implement an ISMS, Information Security Management System, in accordance with ISO/IEC 27000, which supports your operations and offers simple application management. To achieve this, we design the ISMS so that your work with information security becomes a natural part of the operational processes that are already in place and use, such as risk management, system development, and application management.

Security as a Service

With Security as a Service, you get access to the full range of our competence, either as a service or as an outsourced function. This can for instance encompass a number of our services in a functional delivery, with a blend of competence and experiences that can change over time. The only thing you need to do is decide which risk levels and metrics should apply for your company. We will take care of the operative aspects and report back regarding your security status on a regular basis.

Awareness

The weakest link in an organization’s security work is usually the IT system user. By highlighting risky behavior and illustrating how attacks and fraud can be performed, we can assist your operations in improving the general security awareness among both staff and management. We strive for a long-term change in behavior and at the managerial level we also focus on how security thinking can be included in steering, strategies, and business goals.

Background checks

Background checks can be used as a way to prevent and eliminate risks in recruitment and choice of sub-contractors. They can also constitute part of a comprehensive undertaking in more extensive security projects. With our collective experience from both police and military intelligence and investigation, we offer a high-quality product where we gather, process, and analyze information that may be crucial in making the right decision in a difficult situation.

Til toppen