Information Security

Our company offers a wide portfolio ranging from specialised areas of information security to comprehensive overall solutions:

• Information Security Management System (ISMS) – development of security management systems in compliance with ISO/IEC 27001 (former BS 7799-2:2002)
• Audit – provides a balanced review of the real state of IS, its compliance with legislation, information strategy etc.
• Risk analysis – evaluation of threats affecting the IS
• Security policy – defines requirements in the area of information security
• Security project – defines security features and measures
• IS continuity plan – mitigates the impacts on IS functioning in case of potential accident, contains recovery procedures
• Security guidelines – set of rules for the setup of security features and IS use in everyday operation
• Support – support services in the area of security, consultancy

When implementing a security solution we follow phases of IS lifecycle and related security documents. The essential prerequisite of any security solution is its compliance with valid legislation, methodology and standards.

Security Solution Levels

The goal of each security solution is to establish maximum IS protection against possible disruption for minimum costs. IS security needs to be designed in such a way that the threats affecting the IS are decreased to an acceptable level by introducing the most suitable measures. Such a solution will thus be able to eliminate most threats even before they occur using a combination of appropriate preventive measures.

We provide security solution on the following levels:

• Physical – protects the environment where the information system is running
• Personal – selection of people entitled to work with various types of information, their training, security awareness enhancement and confidentiality measures
• Computer – security of IS and data processed by and transferred between computers
• Administrative – administrative measures as a way towards maximum level of security
• Development environment – development of applications to work with confidential and sensitive information

Communication and Computer Security

Communication and Computer Security involves a high-quality protection of information systems and data processed in computers by various technical and programming methods and tools:

• Authentication and authorization – verification of any subject logging into the information system and his/her access rights
• User access management –confidential information only accessible to pre-selected persons
• Accountability – records of processes and activities related to IS
• Audit – independent check of events and activities within IS
• Secure data storage and transfer – encryption of data transfers and data storage, virtual private networks
• Antivirus protection – high-quality antivirus protection of workstations, enterprise networks, mail server and Internet connection

Products for Security Solutions

T-SOFT a.s. offers solutions based on the following products:

• SafeNet – chip, dual and hybrid cards, smart card readers and software – identification and authentication, access control, PKI, electronic signature; T-SOFT a.s. is an authorized distributor for SafeNet Company in the Czech and Slovak Republics
• Sodat software – identification and authentication, access control, encryption, data protection against theft and misuse by company’s employees
• AEC – encryption of files, directories and discs, encryption of emails, penetration tests • Entrust – identification and authentication, access control, encryption of files, directories and discs, encryption of emails
• Check Point – security of corporate networks – Firewall, VPN
• Microsoft– MS VPN, MS certification authority, ISA sever, encryption of files, directories and discs, encryption of emails
• Trend Micro – comprehensive solution of antivirus protection
• RSA – access control, authentication server

All the aforesaid products have been proven to provide excellent results. Joint those who have had their communication and computer security provided by professionals with long-term experience in the area of security – T-SOFT a.s.