CROC
http://www.croc.ru/eng/innovations/information_security/index.php
CROC
N1 in Russia in IT Infrastructure Creation

Îáðàòíàÿ ñâÿçü Contacts            Rus Site Map
About CROC
  Services
  Innovations
  Industries and Clients
  Projects
  Vendors
 

Information Security

Privileged Identity Management (PIM)

What is it?

Privileged Identity Management (PIM) is a technology for managing privileged identities and access to heterogeneous information systems, network devices, and applications. PIM allows for the creation of an automated login point for all privileged identities, the delegation of privileged rights based on approval process, monitoring and controlling of privileged user sessions, and ensured enforcement of approved password policies.

CROC’s Services

  • Audit of existing infrastructure for privileged identity management and use
  • Creation of a unified privileged identity management policy
  • Creation of a secure, centralized repository of privileged identities
  • Integration with information systems, network devices, and applications regarding privileged account management
  • Ensuring that information systems comply with regulatory requirements regarding the management and registration of the activities of privileged users
  • Consulting and support throughout the project—during system design, implementation and operation

Identity Management (IDM)

What is it?

Identity Management (IDM) is a technology for managing identities in heterogeneous environments based on role-based access and request approval. IDM allows for a unified information security policy in terms of account lifecycle and role management, the controlling of privilege redundancy and the locating of ‘orphan’ accounts.

CROC’s Services

  • Creation of an integrated solution, either brand new or based on an existing infrastructure
  • In-depth analysis of existing identity management processes
  • Formation of a unified identity management workflow
  • Development of software components for integration with other information systems
  • Consultation and support throughout the project—during system design, implementation and operation
  • Integration with Access Management and Information Right Management (IRM) solutions

Authentication Centers

What is it?

Authentication center is an identity management and client access management solution used to offer online banking and implement banking business processes. Authentication centers help consolidate multiple information security solutions, remotely approve client transactions, accelerate development of web applications to offer new banking services, reduce administration and conflict resolution costs, and dramatically improve client protection against fraud and identity theft.

CROC’s Services

In terms of client authentication:

  • Secure authentication of EMV card holders using challenge-response one-time passwords (OTP)
  • Secure authentication of clients who do not hold an EMV card using time-based OTP (OTP or soft token)
  • Authentication of clients via static login and password for guest access to their account

In terms of transaction protection:

  • Signing (with MAC-keys) of most important transactions using card reader and cryptographic algorithms in the EVM card
  • Signing of important transactions with challenge-response OTP obtained using a card reader and an EMV card
  • Signing of less important transactions using an OTP obtained from hard or soft token or received by SMS

Data Loss (Leakage) Prevention and Content Monitoring and Filtering (CMF) Systems

What is it?

Data Loss (Leakage) Prevention (DLP) solutions protect companies from unauthorized use or transmission of confidential information by controlling the most common leakage channels, using a security incidents investigation database, and enhancing access rights management (prior to establishing external data transfer rules).

Content Monitoring and Filtering (CMF) software solutions block non-productive or illegal employee internet activities and control channel bandwidth by setting traffic quotas and by blocking data-intensive application protocols.

CROC’s Services

CROC implements DLP solutions based on Symantec Data Loss Prevention, Websense Data Security Suite, and InfoWatch Enterprise Solution.

CROC’s DLP solutions involve a complete audit of information systems, existing information flows, and access rights management processes. In addition, CROC also reviews and classifies confidential information in order to develop data storage and data transfer rules. If necessary, CROC also provides consulting assistance regarding the adoption and reengineering of data storage and transfer processes.

CROC uses the following security products in order to provide protection against improper internet use: Aladdin eSafe Suite, Websense Web Security Suite, BlueCoat, and WebWasher from SecureComputing.


Information Rights Management Systems

What is it?

Information Rights Management (IRM) systems create an additional security layer to protect sensitive information from unauthorized access through the use of information encryption and access permission to documents.

CROC’s Services

CROC deploys IRM systems based on EMC/Documentum/Authentica, Microsoft RMS, Adobe Policy Server and Oracle IRM/Stellent/SealedMedia products. When implementing IRM solutions, CROC analyzes existing document management procedures and identifies sensitive and private information. Jointly with the customer, CROC then defines a list of people authorized to handle such information, establishes related business processes and develops and implements document access policies.


Compliance Management Solutions

What is it?

Compliance Management solutions are used to ensure information system compliance with corporate information security policies and international standards via continuous IT infrastructure monitoring.

CROC’s Services

CROC deploys Compliance Management solutions based on products from major global vendors such as Symantec and Positive Technologies (including MaxPatrol vulnerabilities assessment, information security monitoring and compliance management system) and chooses optimal solutions based on customer needs, goals and preferences.

Top Top