Digicert involvement in providing Secured Online Transactions Services via Public Key Infrastructure (PKI) is further enhanced via its offering of Managed Information Security Services. As an upcoming key player in the MISSP industry, Digicert fully understand the rationale of providing these services is to empower its Client to perform selected right sourcing of their Information and Communications Technology (ICT) operation. Partnership with Digicert as the chosen MISSP shall enable an organization to rightfully manage and achieve the following:

• Reduce/optimize operation expenditure as well as maintain minimum staffing
• Acquire right skills to respond to problems and develop security awareness program based on real life collective experiences.
• Gain access to security experts/consultants to help in the overall daily management and operation of information security.
• Obtain the relevant facilities, technology and optimum service performance offered by the remote Security Operation Centre (SOC)
• Enable independent and objective participation is overall planning, development and deployment of corporate wide information security operation

As MISSP, Digicert offers the following:

• Information Security Consulting, and
• Managed Information Security Services

Information Security Consulting

Our consulting services is tailored to the need of our Clients and fit for purpose required the operation. For an example, we will work with our Clients to review the information security policy and provide feedback on the existing policy. The policy would be reviewed to ensure conformance to standards such as BS7799 and the execution of the policy in terms of security plans. A potential risk assessment would also be made based on the information security policies and procedures. In short, we have the capability and capacity to undertake serious consulting works in helping our Clients develop a well thought information security frameworks, infrastructure, systems, policies and procedures.

Managed Information Security Services

Our Managed Security Services offerings are designed to be as flexible as our clients need them to be. While there are organizations that fully subscribe to complete solution with monitoring and management of all security activities, there are also others that wish to right-sourcing specific element or process within their overall information security services. Therefore, Digicert; as the chosen MISSP, provides its Clients with full-spectrum security service portfolio to address all ICT operation concerns. In addition, Digicert also offer flexible packages with optional add-on services that allow its Clients to create the exact solution they need using field tested and proven processes. Our Managed Information Security Services shall offer our Clients the following services options:

• Measurement of the overall effectiveness and efficiency of our Clients security controls from a myriad of security products (anti virus, firewall, intrusion detection/prevention, and vulnerability management).
• Management of firewall products and continuous real-time analysis of data, as well as comprehensive management of configuration, rule changes, VPN modifications and system upgrades.
• Management of the network–based IDS solutions and continuous real-time analysis of data, as well as management of configuration, signature updates, and software upgrades.
• Management of integrated gateway solutions comprised of firewall, antivirus, content filtering, intrusion detection, and VPN. Services include configuration, signature management, rule changes, web site blocking and system upgrades.
• Internet Vulnerability Assessment via execution of scans and tests the integrity and effectiveness off Internet facing elements; mail servers, DNS servers, e-commerce servers, and security devices – to identity areas of vulnerability. Regular reports will alert Clients to system changes and offer prioritized recommendations.
• Virus Protection Service covering protection against viruses, spam and content filtering at the network gateway. Services include configuration of system and continuous updating of virus and patch definitions.
• Continuous monitoring of security infrastructure for threats that may impact business operation. Security incidents are thoroughly investigated and we can provide fast and precise recommendations for remediation. Furthermore, we also provide the services of posting on designated portal the details of all incidents by device and severity for problem resolution processes, notify relevant parties by telephone, SMS, e-mail on the incident that detected by the Operations centre, as well as analyze logs and alerts generated by security devices to transform logs into intelligence and focus resources on solving the most serious problems first.
• Continuously work with our Clients to efficiently prove and cost effectively maintain information security compliance with industry standards