Infrastructure and Operations Security

Solutions

Infrastructure and Operations Security

Defend against and limit the impact of a cyber attack

A secure IT infrastructure is the foundation of doing business. In a business environment where information security is key, the right infrastructure ensures high availability, scalability and efficient security.

While IT infrastructure needs to address a wide range of threats including viruses, malicious code, and intruders, our experience with a variety of IT infrastructures demonstrates how they often evolve in an unstructured way and can be inconsistently configured, difficult to manage and ineffectively controlled and monitored.

How Deloitte can help?

Deloitte can help address the challenges of creating a more secure, efficient operating environment, by addressing all the layers of IT infrastructure components, as well as the related operational processes:

  • Evaluate – Assessments, health checks & benchmarks allowing to determine current state, as well as product selection and evaluation
  • Architect – Assist in definition of security controls, standards, designs, architectures, processes, etc.
  • Implement – Assist in process improvement

Deloitte proposition overview

Tailored point assistance or comprehensive program addressing the following layers of Infrastructure & Operations Security:

  • Security Architecture & Network Zoning – Assess and improve overall security design as well as network segregation
  • Application and Software Security – Assistance for improving security controls in Web-based and other application software (secure design, secure coding, security testing, etc. )
  • Security Controls Enforcement (OS, database, middleware, network) – Assess and improve hardening of systems for reducing available vectors of attack
  • IT Security Processes – Strengthen operational security processes to ensure security, privacy and resiliency are embedded in day-to-day activities
  • Data Center Security – Assistance for managing physical and environmental security controls to prevent unauthorised physical access, damage, and interruption to organisation’s assets controlled within a data center environment

Our approach & methodology

Deloitte’s Infrastructure & Operations Security framework can be applied to many technical security areas covering all layers of IT infrastructure components.

Infrastructure and operations security

Contacts

Roland Bastin

Roland Bastin

Partner | Information & Technology Risk

Roland is a partner within the advisory and consulting department and joined the Risk Advisory practice of Deloitte in 2001. He is responsible for IT audit, IT security, IT regulatory compliance, Data... More

Stéphane Hurtaud

Stéphane Hurtaud

Partner | Information & Technology Risk

Stéphane is a partner within our Risk Advisory practice. He has over 21 years of experience in the IT risk, Information Security and IT audit fields, with a strong focus on the financial services indu... More

Maxime Verac

Maxime Verac

Senior Manager | Information & Technology Risk

Maxime Verac is a Senior Manager within Deloitte’s Information & Technology Risk services in Luxembourg. He has 10 years of experience in Information Security. During the last 10 years, as a consultan... More