The VeriSign® Managed Security Services process
ensures that every event is handled effectively and efficiently by our
security analysts. We constantly improve our policies and practices
to define what we do, how we do it, and the way we document it.
Transaction-Based Process
Security-related events generate a prioritized
trouble ticket queued for handling by a VeriSign information security
analyst who takes ownership of the ticket through to completion. The
security analyst initiates an appropriate response, which may include
blocking the attack, generating a report for review on the VeriSign®
Enterprise Security Portal, and contacting the client to discuss response
and remediation.
Business-Focused Response
The increasing complexity of network systems
and the rising sophistication and frequency of attacks requires a measured
response to alerts and warnings. Responding to every threat or event
is hardly feasible. Our risk-based methods factor in client data across
managed security services, vulnerability awareness, industry threats,
and global intelligence to help you prioritize your resources without
compromising regulatory compliance.
Compliance Driven
VeriSign is safe harbor certified and meets
SAS 70, Type II requirements. We base our security services methodology
on internationally recognized standards of good practices and principles:
- The Information
Security Forum’s (ISF) Standards of Good Practice
- ISO17799: International
Organization for Standardization, Code of Practice for Information Security
Management
|
