Information Technology systems and the business information they store are a significant asset to businesses. The error-free, secure and continuous operation of these systems is critical to the business of a company.
It is well known that after the USA and Europe, computer crime has gone through a sharp increase also in Hungary. According to a survey, in recent years the damage caused by computer crime has multiplied.
More and more corporate executives recognize their information security risks and contact a specialized company to provide an impartial and realistic picture of the company's security situation. Today, in addition to enterprises, also small and medium businesses realize the importance of this necessity.
As a response to the increase in the demand for information security projects, our predecessor, FreeSoft Kft set up its Information Security division as early as September 1999 to provide customers with the information security level appropriate to their activities. In addition to FreeSoft's own team of experts, this division maintains close partnerships with respected professionals in the information security area.
Our work is based on the international methodology of ISACA (Information Systems Audit and Control Association), according to the following topics:

Preparation of an IT audit

• Assessment of the IT and, more specifically, the Information Security situation, to reveal the possible "false sense of security"
• The audit covers the data security revision of all IT processes, including servers, applications and networks. A site survey and an IT risk assessment is performed
• The audit results in an "Action Plan", which proposes a solution to eliminate the defects which were revealed
• As part of the audit, computerized "hacker proof" tests are performed on our customers Internet-connected and internal devices (Internet/intranet web servers, firewalls, routers, databases, internal servers). As the Hungarian reseller of ISS (Internet Security Systems, market leader of information security tests with a 40% market share), we use ISS information security scanner products to check settings.

Development of a policy system

After the audit, the next step is to develop or update the IT Data Security Policy and the Information Security Policy System, and to prepare the missing policies.

Deployment of the policy system, compliance with the policies

After the deployment of the policy system, the contents of the policies need to be deployed, and enforced during operation.

Internal Data Security audits

After the deployment of the Policy System, the internal data security audit plans are prepared, which forms the basis of the internal revision procedures.

Elimination of the revealed defects

After performing the previous tasks, the next step is to eliminate the identified defects, and to implement the specific solutions for other tasks in the Action Plan, including:

• designing and deploying firewall systems
• designing and deploying real-time intrusion detection and interception systems
• audit of VPN and e-business solutions

Our information security projects are implemented by our specialized professionals with international IT audit certifications, and by qualified ISS data security engineers, to the great satisfaction of our customers.