SIFT

Security Partner Agreements

“For Mature Audiences…”

Organisations that have reached a relatively mature state of security need to focus on ensuring effective ongoing management of that secure state, and on strengthening their security model in selected areas in response to shifts in the risk landscape. This is where Safecoms’ Security Partner Agreements come into play.

The “Virtual Security Department”

Information security standards such as AS7799 recommend that organisations have an ongoing relationship with a specialist external security partner who is familiar with their infrastructure, risk profile and working practices. This is particularly important for organisations that may have a strong internal IT Department but who cannot justify the cost of a specialist information security team in house. Through the mechanism of an annual services agreement, Safecoms takes full contractual responsibility for ensuring that an appropriate level of security is maintained.

Flexibility

Every organisation has slightly different needs, but typically a Security Partner Agreement will cover core activities such as

  • regular penetration testing (external and internal)
  • review of compliance with security policies and procedures
  • on site testing of security devices
  • vulnerability advisory service
  • testing of the DR plan
  • “on demand” support to deal with ad hoc security issues.

Safecoms’ Security Partner Agreements are fully configurable and will reflect the specific needs of your organisation.

Cost Management

A key feature of Safecoms’ Security Partner Agreements is that they enable you to make your annual security expenditure predictable and tightly controlled. Information security typically comprises somewhere between 5% and 20% (depending on industry sector) of the IT budget, a sizable chunk. By entering into a Security Partner Agreement you know what you are going to spend, when you are going to spend it, and what you are going to get for your money. You can also insulate yourself against market rate price increases by taking a renewal option for a second year at the same rates as for the first year.

Time Management

IT departments are frequently too busy fire fighting and dealing with new projects to stick to their plans for regular security activities, with the result that critical aspects of the security of the infrastructure are not reviewed for dangerously long periods of time. Safecoms' Security Partner Agreements provide the discipline of a timetable for carrying out of key activities, ensuring that the state of your security is always current.