security and privacy

Security and privacy are non-negotiable ... but what does that mean?

Adding additional security after development, or adapting existing solutions to meet changing privacy requirements is the reality that most businesses face. In an ideal world we would be able to go back to the blank sheet or green field and start again, but that is only occasionally an option for business continuity or cost reasons amongst many others. Making a sound risk assessment, and then analysing the options to come up with an apporporiate roadmap is needed. This is not a 'technical fix', but due consideration of the business, the people and ways of working and holistically handling the challenges in a practcial way.

At ixa2a we can provide you with the expertise to plan out those options on a People, Process and Technology basis. We can do this strategically and tactically, enabling your teams to move forwards on the journey. Using our architectural methods we will provide you with a fully maintainable set of models, but a clear view of current state driven by real data. We accept as given that during the course of executing, the likelihood of change is high, so we focus on ensuring that the plans are designed with the abilty to adapt to such changes.

One example area of concern for many businesses is cloud security. Technology has moved at pace and last years great steps forward can become this years technical debt. ixa2a recommend using Sherwood Applied Business Security Architecture (SABSA) as this provides a rigorous and robust methodology for building out business capabilities into public cloud.

Typical engagements

• Work with a team to analyse and plan out a strategic response to a security event

• Advise on how to prepare for an ISO 27001 audit

• Plan an Information Security Management Systems (ISMS) and communications to staff across a technology business

• Security and privacy architecture and process review for a move from a single cloud provider to a multi-cloud deployement