ISO 27001 Compliance
We offer an efficient and effective approach for organisations of all sizes to achieve ISO 27001 compliance. Starting with the formation or ISO-enhancement of an existing Information Security Management System (ISMS), our approach consists of:
- Reviewing/enhancing or creating the Statement of Applicability
- Identifying assets, risks and control objectives
- Establishing policies and procedures to control risks
- Establishing essential registers to support maintenance of the ISMS
- Building communication and training programmes
- Establishing maintenance programmes for the ISMS
- Soft assessment against the standard
- Guidance and assistance with the formal assessment by an accredited body
Security assessments of cloud-based infrastructures
Cloud-based infrastructures such as AWS, Azure or Google Cloud have a tendency to suffer from security issues not typically found in Data Centre-based infrastructures. Different metrics need to be deployed in cloud-based environments to identify issues such as:
- Improper use or configuration of Identity and Access Management (IAM)
- Insufficient control over resources or the scalability of resources
- Inadequate protection of world-readable data and assets
Mustard Research offer cloud-based assessments based on industry-standard metrics and deliver a report with detailed remediation recommendations to enhance the security of any cloud-based infrastructure.
eCom Risk Assessments
eCom sites are in the front-line for global attacks and are often vulnerable to determined attackers. Our eCom Risk Assessment service will accurately profile the current level of IT risk exposure for the business and the brand and provide recommendations to reduce risk.
- Assess IT risk of an eCom platform to the business
- Identify any regulatory or compliance issues
- Identify opportunities to reduce IT risk and address compliance issues
Attackers focus on eCom sites because, historically, they’ve been easy prey and the attacks easy to monetise. Weak infrastructure controls, inadequate patching and poor awareness of what is ‘risky’ from an IT point of view have facilitated many attacks.
With many years of experience of evaluating eCom site security and prioritising remediation activities, Mustard Research is ideally placed to offer this short and competitively priced eCom Risk Assessment Service.