IT Risk & Security Management

IT Risk & Security Management


IT security is one of the most important company issues. Taking care of the company image and being reliable for customers requires adequate data security. The threat landscape is evolving at great speed and threats are becoming increasingly sophisticated and elusive. Responding quickly to these risks requires smarter, comprehensive real-time protection solutions.

Managed IT Security Services

Managed IT Security Services provides security services from monitoring and management to comprehensive threat solutions. Comarch aligns services directly to business and operational objectives, helping clients adhere to IT governance, manage enterprise risk and achieve compliance with government legislation, legal frameworks and industry standards. Take advantage of IT Managed Security Services:

  • Security Operations Centre – stay in control 24/7
  • Security Monitoring and Security Intrusion/Event Management - effectively monitor the security of IT environments, enabling you to quickly identify, analyse and respond to potential security threats
  • Vulnerability Tracking and Management – verify the security state of an IT environment by executing periodic vulnerability scans
  • Patch Management - collection of patch and vulnerability related information from various sources e.g. vendor sites, security bulletins and vulnerability databases
  • Compliance Management – improve compliance with our support, identify and deploy the best security practices and regulatory requirements
  • Risk Management - pro-actively manage open threats by introducing controls, corrective actions or other means aimed at mitigating risk
  • Business Continuity Management - determine the maturity of controls in the Information Security & Business Continuity domains

IT Risk & Security Management

IT Security Auditing & Compliance

With IT Security Auditing & Compliance, vulnerabilities in the system are detected, which reduces the risk of data loss or access by unauthorised persons. Regular checking of data security can recognise potential hazards and remove them before they arise. IT security audits become a component in the effective protection of information systems. To meet market requirements and customer expectations, Comarch ICT Security & Risk offer many services in the field of IT Security Audits. During audits the following points are checked:

  • Distribution of active devices in the network
  • Verification of the security state of an IT environment by executing vulnerability scans periodically and providing mitigation action planning
  • The flow of data across network segments (Internet, DMZ, WAN, LAN)
  • Penetration testing
  • Database audits
  • System access (access management, channels and access lists, password policy)
  • Configuration (e.g. system application configuration, verification of filtering rules, VPN tunnel setups, security module running configuration, software update mechanisms, routing, access-lists etc.).
  • Compliance auditing is carried out in accordance with standards, such as ISAE, ITIL, PCI DSS and personal data protection acts.
  • IT Security Auditing
    - Infrastructure, System,
    - Process, Effectiveness, Preparedness
    - Application, Databases


IT Security Integration and Support

The Comarch IT Risk & Security Department also provides Integration and Support services. A team of highly qualified Network and Security Engineers, managed by dedicated IT Project Managers, analyse the customer’s need to plan and implement security solutions that fulfil all of the specific requirements. We are experienced in various technologies and areas, such as:

  • Firewalls (CheckPoint, Cisco, Juniper, Fortinet)
  • Intrusion Detection/Prevention Systems (IDS/IPS)
  • Data Leakage/Loss Prevention (WebSense/Forcepoint)
  • Content Security (Cisco, WebSense/Forcepoint, TrendMicro)
  • Unified Threat Management (UTM)
  • Secure Switching, Routing, Secure Networks
  • Security Architecture
  • Security Information and Event Management (SIEM) – (Q1Labs/IBM Qradar, Juniper STRM, AlienVault OSSIM, OSSEC)

This has helped us to plan, successfully implement and support complex security solutions for International Commercial Customers and Government Institutes/Agencies. 

Want to learn more? Don't hesitate to contact us!

We'd love to know how we can help you.