Axoss Security Awareness Services

1. Services DataSheet

2. WHAT ? ABOUT AXOSS
An INFORMATION SECURITY AWARENESS program is a TOOL that all companies, regardless of
size, need to implement. Without one, serious IT risks may be overlooked. It is the ADVANTAGE
of knowing what types of security issues and INCIDENTS staff members may face in the DAY‐ Axoss is a vendor independent
Information Security Consulting firm
TO‐DAY ROUTINE of their job function.
that delivers Security Assessment
Services across the public and private
Organizations CANNOT PROTECT the integrity, confidentiality, and availability of information in sectors.
today’s highly networked systems environment WITHOUT ENSURING that each person
involved understands their ROLES AND RESPONSIBILITIES and is adequately trained to Axoss was founded by information
PERFORM them. security experts, to provide top of line
Security Consulting Services that
tailored to meet our clients' needs.
Axoss core services can be broken
down into four categories:
• Penetration Testing
WHY ? • Vulnerability Assessment
• Security Consulting
Awareness of the risks and available safeguards is the FIRST LINE OF DEFENSE for security of • Security Training
information systems and networks.
Axoss has in‐depth knowledge of the
As cited in audit reports, periodicals, and conference presentations, it is generally understood challenges faced by many
by the IT security professional community that PEOPLE ARE ONE OF THE WEAKEST links in organizations in protecting users,
attempts to secure systems and networks. The “PEOPLE FACTOR” ‐ not technology ‐ is KEY TO networks and critical business
information from malicious attack or
PROVIDING an adequate and APPROPRIATE LEVEL OF SECURITY. If people are the key, but are
theft.
also a weak link, more and better attention must be paid to this “asset.” A robust and
enterprise wide awareness program is PARAMOUNT to ensuring that people understand their We always aim to deliver scalable
IT security responsibilities, organizational policies, and how to PROPERLY USE and protect the solutions so that every company,
IT resources entrusted to them. whatever their security budget, can
continue to enjoy access to our
expertise.
http://www.axoss.com
WHEN ?
Many ORGANIZATIONS require FORMAL SECURITY awareness program for all workers when
they join the organization and periodically thereafter, usually annually.
The threat to information assets has never been so great. Vulnerabilities range from
eavesdropping on a phone call to a STOLEN LAPTOP or even a MISCONFIGURED PASSWORD.
Yet, small CHANGES IN BEHAVIOR can have a huge upside for information security. That’s why
it’s every employee’s duty – from the EXECUTIVE SUITE TO THE PRODUCTION LINE – to make
security a priority.
All contents are Copyright © 2008 Axoss Information Security. All rights reserved.
Axoss Public Information.

3. WHERE ?
AXOSS provides GUIDELINES for building and maintaining a COMPREHENSIVE security ABOUT AXOSS
awareness program. The guidance is presented in a LIFE‐CYCLE APPROACH, ranging from
designing, developing , and implementing an awareness program, through post‐ Axoss is a vendor independent
implementation EVALUATION of the program. Information Security Consulting firm
that delivers Security Assessment
The OBJECTIVE of the Axoss SECURITY AWARENESS service is to CHANGE THE ACTUAL Services across the public and private
sectors.
BEHAVIOR OF PEOPLE by raising awareness and providing appropriate training so that each
member of the Organization can PROTECT their confidential electronic Information and: Axoss was founded by information
• BETTER UNDERSTAND the RISKS when using and storing electronic information; security experts, to provide top of line
• BETTER UNDERSTAND how to REDUCE the risks to the confidentiality, integrity, Security Consulting Services that
and availability of confidential electronic information; tailored to meet our clients' needs.
• BETTER UNDERSTAND their ROLES AND RESPONSIBILITIES for the protection of
information and systems. Axoss core services can be broken
down into four categories:
• Penetration Testing
• Vulnerability Assessment
• Security Consulting
• Security Training
HOW ? Axoss has in‐depth knowledge of the
Axoss Security Awareness PROCESS includes HOW TO : challenges faced by many
• SELECT awareness and training topics; organizations in protecting users,
• FIND SOURCES of awareness and training material; networks and critical business
• IMPLEMENT AWARENESS and training material, using a variety of methods; information from malicious attack or
• EVALUATE the effectiveness of the program; and theft.
• UPDATE AND IMPROVE the focus as technology and organizational priorities
We always aim to deliver scalable
change.
solutions so that every company,
whatever their security budget, can
The TOPICS the security awareness program covers will DEPEND ON the security awareness continue to enjoy access to our
needs. Some of Topics covered in security awareness program include: expertise.
• NATURE OF SENSITIVE MATERIAL and physical assets they may come in contact
with, such as trade secrets, privacy concerns and government classified information http://www.axoss.com
• EMPLOYEE AND CONTRACTOR RESPONSIBILITIES in handling sensitive
information, including review of employee nondisclosure agreements
• PROPER METHODS for protecting sensitive information on computer systems,
including password policy and use of two‐factor authentication
•Other computer security concerns, including MALWARE, PHISHING, SOCİAL
ENGINEERING, etc.
WHO ?
AXOSS has been delivering Information Security CONSULTING services to help clients
MITIGATE risk, secure their infrastructure and PROTECT their assets.
We are FOCUSED on providing the best possible customer EXPERIENCE and are committed to
delivering the HIGHEST LEVEL of service and support. We welcome any questions or requests
you may have about our SECURITY AWARENESS service. Please don't hesitate to CONTACT US
and one of our consultants will get back to you as soon as possible.
All contents are Copyright © 2008 Axoss Information Security. All rights reserved.
Axoss Public Information.