Cyber Security Services
Cyber security architecture design and implementation
Security architecture, in terms of information technology, is best defined as the conceptualisation design and implementation of secure business information systems. At PERIMETROS we have used best practices and standards such as Zachman, SABSA and EISA to develop robust, efficient and secure architectures for the European Union DG TAXUD, banks, & telecommunication organisations in Greece and the Middle East.
Scope of the service
A security architecture is applicable to different type of organisations, i.e. private or public sector, irrespective of the industry vertical they operate. The overriding principle of course is the presence of an information communication technology (ICT) network where inter-networked computer systems and applications are providing business and support services to the organisation.
Term and cost of the service
Both the term and the cost of the service depends on the size of the ICT infrastructure but we take pride in knowing for a fact that we have one of the most competitive man-day rates in the Greek market and abroad.
Governance Risk and Compliance (GRC)
Compliance may be both a requirement such as the General Data Protection Regulation (GDPR) and a business enabler i.e. ISO/IEC27001. We are specialising in ensuring our customers IT environments comply with regulations i.e. GDPR, the international information security standard i.e. ISO/IEC27001, contractual requirements i.e. PCI-DSS and country specific best security practices and standards such as the Dubai DESC and the UAE NESA cyber security standards.
Scope of the service
At PERIMETROS we are certified to plan, design, implement, audit, and operate management systems and technology solutions required from regulations such as GDPR, and information security standards such ISO27001, DESC, NESA, PCI-DSS, NIST, ISF and others. If we are discussing about a regulation then the scope of compliance is defined from the regulator, like in the case for GDPR. On the other hand if an organisation chooses to comply with the information security standard i.e. ISO27001 then the scope can cover a server, one department or the entire organisation. PCI-DSS scope is different in the sense it is a contractual agreement between the stockholder organisations of a payment transaction i.e. the payment brands, the acquiring banks, payment processors and merchant companies, and it looks at protecting cardholder data.
Term and cost of the service
Both the term and the cost of the service depends on the size of the ICT infrastructure but we take pride in knowing for a fact that we have one of the most competitive man-day rates in the Greek market and abroad.
Vulnerability analysis & penetration testing
For the past 15 years we have conducted hundreds of vulnerability assessments and manual penetration tests, for one reason. To provide the necessary visibility to companies so they can take informed security decisions based on realised and exploitable technical weaknesses and the capabilities of the threats. Our portfolio of VAPT services includes internal & external VAPTs, web services pen testing, VoIP security assessments, Python security code reviews and more.
Scope of the service
Any size organisation with a requirement to manage effectively, its computer systems, networks, applications, online services e.g. websites, security vulnerabilities. In addition to that PERIMETROS is both skilled in running and uses specialised software for Anti-PHISHING campaigns in order to arm an organisation from the most prevalent advanced persistent threat.
Term and cost of the service
The cost of this service is based on either the number of managed IP addresses, the number of online services e.g. no of websites, or the number of users we are running an anti-phishing campaign for. In principle the cost per IP address is VERY LOW, whilst the cost for a website penetration test ranges from LOW-to-MEDIUM depending on the online service architecture. Anti-phshing campaigns cost is based on the number of users and in principle it is LOW.
Endpoint security monitoring and management
PERIMETROS IT automation framework includes a powerful, fully integrated endpoint security solution powered by Kaspersky. The engine, among many other features, it provides real time antivirus protection and on demand scanning, prevention of malware epidemics, automatic isolation of infected computers (best practice for ransomware infections) and device control of external devices such as USB drives. If there is a virus infection everything will happen automatically. The malware code will be destroyed and our personnel will be informed in order to initiate the security incident response process.
Scope of the service
Although malware is created for virtually all operating systems, it is Microsoft Windows operating systems that suffer the most. Our service is fully managed and it supports virtually every Microsoft Windows operating system to date. A great benefit of this managed security service stems from the integrated incident response process that is allowing us to orchestrate more effectively our defence based preventative security controls.
Term and cost of the service
Minimum term is one year, invoiced on a monthly basis. Volume and multiyear based discounts apply in an otherwise LOW level cost.
