Network and Security Infrastructure 

LCM Security works with our customers to put together recommendations to meet compliance and security requirements and to improve the general security baseline within the organization. LCM recommends technologies and processes that meet these requirements. Major components incorporated in LCM’s recommendations include, but are not limited to: 

  • Network segmentation
  • Improved access control and authentication
  • Implementation of a web application firewall (WAF), and
  • Core and perimeter IPS. 


LCM technologies and processes address further security threats, Advanced Persistent Threats (APTs) and the threats associated with deliberate or accidental incidents caused by internal personnel.  LCM works with the customer to implement the right technology and monitoring processes that enable the monitoring and tracking throughout the evolution of the APT and that generally go unnoticed until a breach has already occurred. In order to address these threats, changes in security components, monitoring and incident response processes will be engineered and implemented.  The monitoring of critical infrastructure is also a crucial component in which LCM assists or outsources for its customers to be able to report, alert, and most importantly quickly react to security incidents.

Our first step is to complete a Gap Analysis based on both PCI-DSS and / or security best practices. Typicallly, it is determined that additional security controls must be implemented in order to meet PCI compliance standards or best practices.  The projects necessary are outlined below as well as the PCI Control Objective they fulfill.


Scope Reduction and Network Segmentation to Meet Security Requirements 

Limit the number of systems over which confidential data is transmitted, stored or processed.  Address PCI requirements within the new technology that are outstanding with the goal of minimizing the amount of design changes and capital expenditure required downstream from this project.


PCI Requirements

1.2 Build a firewall configuration that restricts connections

1.3 Prohibit direct public access

4.2 Never send unencrypted PANs by end-user messaging technologies

6.6 Ensure applications are protected against known attacks by either reviewing application vulnerabilities or installing web-application firewalls

8.3 Two-factor authentication for remote access

8.4 Render all passwords unreadable during transmission and storage

10.1 Establish a process for linking all system access points to individual users

10.2 Implement automated audit trails

11.4 Use intrusion-detection systems, and/or intrusion-prevention systems to monitor all traffic

Technologies 

We have made an effort to select products that consolidate multiple technologies into a bundled security solution. By taking this approach our clients get exactly the solution they need at the best possible value. 

  • Firewall & VPN 
  • Anti-Virus & Anti-Spam 
  • Intrusion Protection / IDP 
  • Security Event and Information Management (SEIM) 
  • Security Scanning
  • End-Point Security 
  • Virtualization Security 
  • Encryption 
  • Network Access Control 
  • Secure Network Access