Security

Security Services

Security The Bett Group security team is second to none. Extensively trained and having been certified in a number of areas, we are well equipped to set up and maintain a solid security footprint for an organization of any size. With expertise in numerous areas including firewall, anti-virus, intrusion detection, remote access, PKI systems, encryption, hardening operating systems, identity and access management, information logging and analysis, policy development and more, our clients are assured of a comprehensive, proactive security posture.
The security team has been heavily involved in numerous and diverse capacities, including:

Infrastructure:

  • Familiar with installing effective network perimeter security, including isolating web activity within a DMZ, firewalls, routers, setting up and monitoring intrusion detection systems, etc.
  • Knowledgeable with the security structure of various operating systems, including all versions of MS Windows, Unix and Sun Solaris.
  • Setup and managed multi-tiered virus/worm/trojan horse protection structure involving network and file server systems, email servers and client computers.
  • Responsible for development of effective backup, contingency planning and disaster recovery capabilities for organizations of various sizes. Experience with numerous backup systems.
  • Setup internet filtering system to limit incoming spam and provide web filtering capabilities.
  • Installed, configured and hardened numerous versions of web servers: IIS, Apache.
  • Knowledgeable with various directory systems, including MS Active Directory, Netscape Directory Server, Sun One Directory Server, NT domain model.
  • Setup secure wireless systems incorporating WEP and non-broadcast SID’s.
  • Installed VPN infrastructure, incorporating IPSec and PPTP. Familiar with L2TP, IPSec and RADIUS.
  • Knowledgeable of numerous authentication mechanisms, including: CHAP, certificates, NTLM, Kerberos.

Application:

  • Experienced with the security structure of numerous database management systems, including SQL and Oracle. Aware of and know how to prevent SQL injection attacks.
  • Extensive experience and training in .Net, ASP, HTML and Java/J2EE technologies.
  • Knowledgeable of and utilized public key infrastructure; SSL, digital certificates, etc.
  • Incorporate smart card technology to provide strong two-factor authentication and encryption.
  • Developed fine grained data warehousing control incorporating row level security.
  • Utilize PGP to encrypt email and file systems.

Management:

  • Developed and instituted security policies, auditing guidelines and procedures.
  • Instituted user awareness and training sessions.
  • Developed guidelines and enforcement procedures for password management. Activate application and operating system password policies and expiration.
  • Involved in a formal information security risk assessment in conjunction with a CPA audit.