C.E. Gregory & Associates, Inc.

Information Systems Consultants
Specializing in IT Security, Certification and Accreditation, and IT Privacy Protection

IT Security Services

• • • Create, examine, update your IT security policies, standards, and procedures
    • ETF/A and ETF/R program product installation, implementation and training
    • Security systems classification and categorization
    • Complete Security System Audits; mainframe, network, platforms
    • Full Information Privacy data mining and discovery
    • IT Privacy protection analysis; breach remediation and recovery
    • IT Security Review and Health Assessments
    • z/OS Installation Audits – Examine APF, SVC, Exits, Interfaces, ISAs, Special Permissions, Library Control, Standing Access, FIRECALL Access and Use, Logging, Reporting, Open Ports (to vendors, for example)
    • IT Solution Evaluation and Selection
    • ACF2 and RACF Security Systems Technical Training
    • IT Policies, Procedures and Standards – Creation, Evaluation, Updates
    • UID String Re-engineering for ACF2; automated tools in place
    • Security Education & Awareness Training and Policy Creation
    • IT AUDIT Training and Assistance
    • IT Risk Analysis and Mitigation
    • GAO and OIG Audit Support; Remediation Verification and Compliance
    • Data Classification and Categorization
    • Multi-platform Security; LPAR support
    • Mandatory Access Control Implementation
    • Computer Crime Investigation Support

C.E. Gregory & Associates, Inc. also offers security simplification and re-engineering services. These services are of special interest to those organizations needing to improve data security levels. Particular emphasis is placed upon Role Based Access Control (RBAC) and the benefits of provisioning, Information Assurance, timely security request processing, ease of IT security systems Maintenance.  Security simplification and re-engineering will enable the following improvements:

• • • Rapidly improve staff utilization
    • Decrease security requests for IT access turn-around time; eliminate the backlog of requests for access
    • Ensure regulatory compliance; Federal, State, Local
    • Streamline security administration; automate the provisioning process; convert the legacy provisioning
    • Remove redundant security rules and resource definitions; examine and enhance resource profiles
    • Streamline IT security officer activities
    • Reduce the incidence of errors in coding access rights
    • Take advantage of automation and other emerging security technologies
    • Leverage the comprehensive functionality of the enterprise security product, i.e. resource grouping, cross-references

Ensure that IT security is a productive contributor to the goals of your organization.  Provide for the confidentiality, integrity, and availability of your Information Technology asset.

Contact Us