Security Services

The Bett Group security team is second to none. Extensively trained and having been certified in a number of areas, we are well equipped to set up and maintain a solid security footprint for an organization of any size. With expertise in numerous areas including firewall, anti-virus, intrusion detection, remote access, PKI systems, encryption, hardening operating systems, identity and access management, information logging and analysis, policy development and more, our clients are assured of a comprehensive, proactive security posture.
The security team has been heavily involved in numerous and diverse capacities, including:
Infrastructure:
- Familiar with installing effective network perimeter security, including isolating web activity within a DMZ, firewalls, routers, setting up and monitoring intrusion detection systems, etc.
- Knowledgeable with the security structure of various operating systems, including all versions of MS Windows, Unix and Sun Solaris.
- Setup and managed multi-tiered virus/worm/trojan horse protection structure involving network and file server systems, email servers and client computers.
- Responsible for development of effective backup, contingency planning and disaster recovery capabilities for organizations of various sizes. Experience with numerous backup systems.
- Setup internet filtering system to limit incoming spam and provide web filtering capabilities.
- Installed, configured and hardened numerous versions of web servers: IIS, Apache.
- Knowledgeable with various directory systems, including MS Active Directory, Netscape Directory Server, Sun One Directory Server, NT domain model.
- Setup secure wireless systems incorporating WEP and non-broadcast SID’s.
- Installed VPN infrastructure, incorporating IPSec and PPTP. Familiar with L2TP, IPSec and RADIUS.
- Knowledgeable of numerous authentication mechanisms, including: CHAP, certificates, NTLM, Kerberos.
Application:
- Experienced with the security structure of numerous database management systems, including SQL and Oracle. Aware of and know how to prevent SQL injection attacks.
- Extensive experience and training in .Net, ASP, HTML and Java/J2EE technologies.
- Knowledgeable of and utilized public key infrastructure; SSL, digital certificates, etc.
- Incorporate smart card technology to provide strong two-factor authentication and encryption.
- Developed fine grained data warehousing control incorporating row level security.
- Utilize PGP to encrypt email and file systems.
Management:
- Developed and instituted security policies, auditing guidelines and procedures.
- Instituted user awareness and training sessions.
- Developed guidelines and enforcement procedures for password management. Activate application and operating system password policies and expiration.
- Involved in a formal information security risk assessment in conjunction with a CPA audit.