Softline has formed one of the most powerful information security teams in Russia. Hundreds of projects a year and our experts presence in the regions enable us to guarantee our customers a combination of high quality and reasonable cost of implementation of the IS system. We offer a wide range of solutions - from DLP and PD security to projects on protection against targeted attacks, fraud, ATP, as well as APCS security and safety. We believe that support of IS in cloud infrastructure (SoftCloud was PCI DSS certified) and provision of IS services from the cloud within the entire territory of the Softline group presence is a perspective line of development.
The variety of modern web services— from online banking to arrangement of a visit to a doctor — is so wide that substantiated vulnerability analysis and flexible security approaches become a must-have. Our integrated approach includes:
We have a deep knowledge of all popular information security tools, such as email and web filters, antiviruses, firewalls, etc. We are familiar with a large spectrum of products from dozens of vendors, we help clients to choose the optimal solutions based on their requirements to functionality and cost, and assist in integration of these solutions into the existing infrastructure.
Softline offers solutions for blocking dangerous or undesirable web traffic from the world’s leading vendors.
Endpoint protection tools, firewalls and antiviruses for workstations are the most popular information security products, and dedicated tools for protecting mobile access, virtual infrastructures and databases solve more specific tasks.
The tasks of intrusion detection and prevention are solved by firewalls, IDS/IPS and VPN solutions. Firewall management solutions enable the analysis and optimization of the sophisticated and sometimes contradictory settings and configurations issues that originate from a typically long history of a corporate network.
An efficient access management system should enable control of all the stages of employee access to information resources and create no inconveniences for business users. We are ready both to solve separate access management tasks and implement integrated solutions, which include:
These systems automatically detect fraud attempts using the digital footprint that inevitably remains in information systems, and immediately spread the alarm. We know the fraud scenarios used in retail, logistics, and banking, and we use this knowledge to develop effective anti-fraud systems designed to detect real-life threats.
We know how to create solutions that can detect infected devices and compromised client IDs, thereby preventing the fraud attempts in the field of online payments.
These solutions can be used to check a large number of contractors automatically by comparing and matching data from various sources. Our experts understand the specifics of verification in various industries and know how to use their competences in the systems they develop.
The attacks targeted at particular organizations or companies are planned and executed in such a way that the standard security tools are unable to detect a threat. We offer our clients specialized tools for targeted attack detection. They launch suspicious code in a sandbox (isolated environment) and analyze abnormal network activity.
The main information security task in manufacturing industries is ensuring continuity and safety of technological processes. Although there are a lot of specific solutions for controllers, sensors and control devices, such as fool proofing or physical isolation of critical systems, the risks typical for non-industrial systems (such as viruses and attacks) are becoming more common for plant control systems now due to the increasing use of conventional networking and software solutions (i.e. Ethernet and Windows) in industrial applications. Our vulnerability audit service for industrial systems allows to quickly developing a pilot project at a minimal cost, as it does not require the elaboration of project details or collection of vendor recommendations.
We implement all the types of systems that provide data leak and unauthorized access protection:
Many our clients need to prove the compliance of their activities with the information security regulations, including the regulations on personal data protection. We offer and deploy certified information security tools, implement business processes, ensure corporate governance, and help clients to pass certification.
At a certain IT maturity level, organizations need to establish a centralized information security operations management system. Such a center provides a full vision of the current state of information security assets, enables elimination of non-conformances in due time and ensures the required information security level. The main functions of such a center are: