NIIT Technologies works with enterprises to plan, design, construct and operate a security-rich environment for online applications and transactions, providing a total security plan. Our security specialists have gained experience by working under the guidelines of the ISO 27001 and ISO 20000 security standards.

Information Security Management

NIIT Technologies' Managed Security Solutions provide clients with a holistic security roadmap, to ensure that their information protection requirements are met for business continuity. Our solutions contribute towards a safer and compliant enterprise, with robust solution partnerships, best-of-breed security consultants and an onsite/offshore delivery model, based on stringent SLAs.

We work closely with our clients, covering all the technologies and provide end-to-end security solutions in the areas of:

• Logical Security
• Physical Security
• Administrative and Operational Security

Our Information Security Management suite offers the following:

• Vulnerability Assessment for Applications and Infrastructure components
• Remote Penetration Testing Services
• Application Security Assessment (Black Box Testing)

Compliance Monitoring

NIIT Technologies' Compliance Monitoring Solutions provides clients with an executable roadmap to meet their ever-increasing compliance needs and aims to improve efficiencies through the effective use of IT. These solutions have contributed significantly towards meeting the compliance objectives of organisations. Built on robust product partnerships and a proven global delivery model, our solutions integrate technology with sound understanding of the business processes of the enterprise, leading to lasting business impact.

Some of the regulations and standards for which we provide compliance monitoring solutions include Sarbanes Oxley, PCI DSS, BASEL II and ISO 27001.

• PCI DSS Compliance Scanning Services: As an Approved Scanning Vendor for the Payment Card Industry Security Standard Council (PCI SSC), NIIT Technologies offers customers technical scanning and analysis capabilities required to comply with regulatory requirements and corporate network security policies. Our Scanning Services include scheduled, periodic scanning of applications, systems and networks for technical vulnerabilities, to protect systems and data.

Tailored to meet specific industry requirements and regulations, they bring a range of benefits to customers including the following:

• Improved security
• Enhanced Return on Investment (RoI)
• Compliance with regulations
• Compliance with internal corporate policies and processes
• Improvement of internal business processes
• Detection and analysis of breaches in user and application behavior, whether intentional or accidental.
• Respond to violations and vulnerabilities

• Incident and Event Management: Confidentiality, Integrity and Availability of information is of prime concern for any enterprise that uses Information Systems, and security is no longer just the responsibility of the IT department, but rather a key Boardroom issue.
  To comply with regulations like the SOX, PCI DSS and Basel II, enterprises are now required to implement IT controls and monitor operational risks in significantly higher detail.

Our spectrum of Managed Security Services ensures that you have one, fully accountable source that manages your security issues, while you focus on your core business. We provide 24x7 support, based on well-defined SLAs and our services cover incident and alert handling, as well as reporting and trend analysis. Our services include:

• Log Management
• Log Archiving
• Incident Correlation and Analysis
• Forensic Analysis

IT Risk Assessments

NIIT Technologies Risk Assessment Services helps manage Information Security by enabling enterprises minimise disruption through effective risk management.
We work with enterprises to establish an organisation's Information Security Management System and Information Technology Service Management. Our services provide complete support in all the phases of ISMS and ITSM implementation in accordance with industry standards to our clients.

Key Services and deliverables include:

• Due Diligence Services for

• SO 27001- ISMS
• ISO 20000 - ITSM

• Gap Analysis

• Benchmarking
• Preparedness State Check

• Implementation Services

• Asset Inventory and Risk Assessment
• Risk Treatment Plan
• Identify best and cost effective approach for Solution Implementation

• Security Policy Services

• Security Policy Review
• Policy Creation