To identify any weaknesses inherent in the design of your security architecture, we will analyse the high-level system documentation focussing on the purpose of the system. To provide a customised risk assessment, we compare the security architecture design against both industry best practices and current attack vectors.
Once this has been completed, we may recommend building, improving, or reengineering your design to meet the following: organisational policies, industry best security practices and compliance standards (i.e. CIS, HIPAA, FERPA, GLBA etc.), legislation and regulations.
An early design or configuration review in the system lifecycle process will enable your organisation to minimise costs and prevent delays. A flawed design or implementation can increase the security risks and can have legal repercussions.
Unlike a software requirements specification, a security architecture review will clarify whether the design or configuration will prevent desired functionality, will cause unintended functions or will affect security controls.
Our design and configuration reviews provide security best practice recommendations for:
Our team are seasoned, experienced and business-minded security consultants with an average of 10 years experience having conducted hundreds of design and configuration reviews for clients across state and local government, health, finance and nonprofit organisations.