Services - Avaleris - it security policy

By: Avaleris  09-12-2011
Keywords: It Security, Identity Management

IT Security Policies are vital to the successful implementation of an IT security program in a large corporate environment. IT Security Policies must achieve the appropriate balance between providing an adequate level of guidance and control, while also being enforceable and manageable within a corporate environment. Furthermore, in order to be widely accepted, it is important that an IT Security Policy not impinge on the ability of the organization to conduct its business.

Avaleris has developed a wide range of IT Security Policy, Standards and Procedures for companies from a range of different industries. We’ve been involved in writing policies from the ground up and revising existing IT security policies to maintain currency against new and evolving threats. Our identity management work has also allowed us to develop our skills in the development of specialized and system specific security policies and standards such as Certificate Policies and Certificate Practice Statements.

Our IT Security Policy service offerings include:

  • IT Security Policy, Procedures and Standards Development
  • Certificate Policies and Certificate Practice Statement Development
  • System Hardening Standards and Guides
  • Access Control Policies and Procedures
  • Periodic Review, Updating and Optimization of IT Security Policies

Our methodology for developing security policies includes an initial Risk Assessment to identify the high level threats that are applicable to an organization and then a gap analysis to determine the extent to which existing policies and procedures exist. Our IT Security Policy development work leverages widely accepted industry standards such as ISO17799, GMITS, and COBIT. Certificate Policies and Certificate Practice Statements are drafted in accordance with IETF RFC 2527.

The benefit to Avaleris’ approach is an IT Security Policy that is tailored to organizational business requirements, appropriate to common threats within a given industry and balanced in accordance the level of resources available to implement the policy within a given organization.

Keywords: Identity Management, It Security

Contact Avaleris

Email - none provided

Print this page

Other products and services from Avaleris


Services - Avaleris - microsoft identity services fim customization

Our heritage of being the original developer of idNexus – the predecessor to the Certificate Lifecycle Manager component of ILM 2007 and FIM 2010 – make us ideally suited to any project that requires FIM 2010 customization or integration with a range of other Identity products and technologies.


Identity Solutions - Avaleris

Avaleris specializes in helping customers achieve maximum value from their Active Directory investments and implementing business appropriate technologies across a range of identity infrastructure solutions including Strong Authentication, User Provisioning, Identity Lifecycle Management and Information Protection.


Services - Avaleris

Avaleris is a leading Identity Solutions and IT Security Consulting firm – specializing in helping commercial and government customers address their Identity and Access Management needs. Our consultants are focused on helping customers reduce risk and provide trusted access to sensitive business assets in a manner that is aligned with the needs of the business. Avaleris’ areas of domain expertise and services offerings include.


Identity Solutions - Avaleris - technology solutions user provisioning identity management

Our service offerings are tightly integrated with core Microsoft identity technologies including Microsoft Forefront Identity Manager, Microsoft Identity Lifecycle Manager, Active Directory and Certificate Services. Enterprise IT organizations are under increasing pressure to synchronize and automate the process of user provisioning / de-provisioning across a range of applications on the corporate network.


Identity Solutions - Avaleris - technology solutions strong authentications

Increased pressure to provide trusted access to business assets, compliance with a range of regulatory requirements combined with the globalization of and distributed nature of business today has made Identity Management one of the most critical business problems for organizations to solve in recent years.