Private companies and public administrations, from March 31 2006, have adopted the new "minimum requirements" of security introduced by Legislative Decree 196/2003. Since January 1 2004 the new Data Protection code has become effective, on the basis of which all companies must fulfill a series of security obligations (section 31 of Legislative Decree 196/2003): information systems of every company have to adopt security measures to reduce to a minimum the risks of destruction or loss of personal data, of non authorized access or non authorized treatment that does not conform to the objective of its collection.
To fulfil such obligations each company has to adopt measures to "protect electronic means and data from unlawful data processing operations, unauthorized access and specific software." (Section 34 Legislative Decree no. 196/2003).
TWT proposes turnkey solutions to guarantee the management of the company security strategy policy.
The TWT Security solutions include:
Consultancy in Firewall security:
Our technicians are available to support the company in the definition of the Firewall security policy.
Setting up and configuring Firewalls:
Based on what has been established with the Client, TWT technicians install and configure the Firewall.
Initial intrusion attempt and after every modification:
The service allows the Client to become aware of the damage that a hacker could inflict to its software system, both in terms of subtraction of reserved data, and inefficiency.
Intrusion attempts regard all known vulnerabilities, using hacking tools to try to examine data, create malfunctions...
The Intrusion Test service consists in the attempt of TWT experts to intrude on the Client's services and systems that are directly reachable through the Internet
Final configuration report:
At the end of the installation, a REPORT is released on the configuration of the Firewall.
Firewall firmware update:
All updates of the Firewall are included, in order to constantly keep the security systems up to date.
Port/Protocol and IP address filtering with State full inspection:
Access filters on the IP protocol, based on different criteria (addresses, protocols, ports) that can be configured to block or limit the access to a group of users.
Through the use of State full Inspection, the Firewall is able to identify anomalous series and to block them.
Intrusion Detection:
Allows the company to increase the security of its IT infrastructure through a control system on the border activity: it can see unauthorized intrusion attempts and block them before it's too late. TWT experts manage the Intrusion Detection system and review the policies applied to the Firewall.
Antivirus on HTTP, FTP, SMTP, POP3, IMAP protocols:
Increase the security through an antivirus filtering system of the incoming traffic from the Internet.
Content filtering traffic - based on url and/or keywords.
Allows the Client to monitor and limit the traffic towards some Internet sites.
Certificate of Conformity to the Technical Specifications attached to Legislative Decree 196/2003 "Data Protection Code"
Since January 1 2004 the new Data Protection Code became effective.
All companies have to (section 31 Legislative Decree 196/2003) fulfill a series of security obligations: the software systems of each company will have to include security measures to reduce to a minimum the risk of destruction or loss of personal data, of unauthorized access, or unauthorized treatment or treatment that is inconsistent with the purposes for which the data were collected.
Among the different security measures (sections 33-40 Legislative Decree 196/2003) it is explicitly mentioned that the company has to activate suitable electronic means that have to be updated in order to protect personal data (section 16 of the Technical Specifications attached to the Decree).
TWT allows the company to rapidly get into compliance its Internet connection.
Along with the service, TWT will supply a Certificate of Conformity to the regulations of the Technical Specifications, as per section 25.
Our Firewall solutions, in addition to an adequate documentation and implementation of security on the internal network on the part of the client (DPS, antivirus, use of password, backup etc.), ensure the conformity to the new security regulations imposed by the Data Protection Code that must be adopted by March 31 2006 (Legislative Decree 196/2003).