Managed security services
Secure results you can count on
Clients depend on the services your business provides and trust that their information will be kept secure. They also need the confidence that you have the infrastructure in place to adhere to a growing number of industry requirements.
CGI's managed security services (MSS) help clients manage the complex realm of security needs – from compliance and audits to policies and architecture. And with round-the-clock, end-to-end protection against cyber criminals whose attacks on organizations and agencies are growing at alarming rates, CGI provides the peace of mind to focus on what's most important – growing your business and serving customers.
CGI provides the focused expertise and capabilities required to implement and operate highly secure infrastructures, including:
Governance, risk and compliance
CGI approaches governance, risk and compliance as an integrated lifecycle that requires a holistic view of processes, policies, strategy and technologies, offering:
- Robust compliance reporting services that provide a set of compliance-specific control objectives
- Security advisor services from CGI's certified security professionals
- Security event and incident management
- Continuous vulnerability assessments and security advisory alerts to thoroughly review risks and vulnerability
Data risk management
CGI works closely with clients to identify the specific areas within the systems, policies or processes that have the potential to put information, critical assets and data confidentiality in jeopardy, offering:
- Application activity monitoring, which includes database activity, web services gateways and web application firewalls
- Strong authentication services to ensure that only the right persons can access client IT assets; includes established security policies to determine appropriate technology access
- Identity management solutions to enable access control and confidentiality
- Web policy enforcement to allow for monitoring and enforcement of an Acceptable Use Policy for employees accessing the Internet via the Web; with the policy in place, clients also determine which of the five major risk classes and over 90 major categories of Internet Web sites the solution should filter and report
- Data loss prevention guidance provides content inspection and contextual security analysis of transactions within a centralized management framework and aids in the detection and prevention of unauthorized use and transmission of confidential data
Infrastructure protection management
CGI helps clients assess their assets, threats and vulnerabilities and applies the latest security network and systems technologies to thwart would-be hackers or cyber criminals, offering:
- Intrusion protection service, whether network or host, wired or wireless, to listen for suspicious activity, providing a safety-net to detect, prevent and contain incidents of unauthorized communications that may appear as legitimate
- EndPoint security and encryption services to provide protection against malicious software behavior and enforcement of usage policies on laptops, desktops, mobile devices and servers
- Log management services to provide the tailored ability to collect and centrally aggregate logs, quickly browse through large amounts of data required during investigation, produce reports needed for compliance, analyze and correlate logs to identify malicious activities and attack patterns, and generate alerts on specific criteria customized to the client environment
- Firewall management on a variety of platforms within the data center or at branch locations
- Security messaging services to enhance clients' existing security postures, prevent viruses and spam, and control unwanted e-mail content
CGI has also developed multiple approaches to anti-denial of service to meet the varied requirements of our clients. CGI leverages standard technical security services such as firewall management and intrusion detection/prevention services to address denial of service attacks with supporting process and programs such as hardening, security patches, emphasizing the use of strong passwords and anti-virus programs.
For clients with more rigorous or targeted needs, CGI offers a fully managed service. During an attack, legitimate and denial of service traffic from multiple sources are redirected to mitigation centers. Legitimate traffic is allowed to pass, while identified denial of service traffic is dropped, keeping the customer environment secure.
- Authentication services – Assists clients in reducing the risks to your organization by simplifying vulnerability management activities, and enables processes for compliance to government and industry/regulator security standards.
- Firewall services – Offers a comprehensive gateway between networks, with effective protection and functionality
- Intrusion detection and prevention services – Provides incident detection, prevention capability and incident notification
- Log management services – Provides a way to collect and centrally aggregate logs and produce reports needed for compliance.
- Managed Security Services – CGI's Managed Security Services help you manage the complex realm of security needs – from compliance and audits to policies and architecture.
- Messaging security – Provides protection from a wide range of threats to critical communication channels and offers new secure means of communications, which helps organizations decrease risk and improves regulatory and legal compliance.
- Unified threat management (UTM) – Provides an effective IT risk management safeguard appropriate to the size of your organization's most vulnerable locations, and entry points are afforded the same breadth of coverage.
- Vulnerability management services – Reduces risks by simplifying vulnerability management activities and enables processes for compliance to government and industry/regulatory security standards.
- Web policy enforcement – Allows organizations to monitor Internet usage and optionally block requests that violate organizational policy
Experience and expertise
- Innovative solutions that protect operations at the infrastructure and data layers and advisory services designed to assess and strengthen security strategies
- CGI’s Computer Incident Response Team – industry-certified, accredited and security-cleared experts who utilize proven industry best practices such as ITIL® and SANS
- Round-the-clock monitoring of systems, real-time reporting and immediate action on suspicious activity from CGI’s Security Operations Centers