Case Study: Security Assessment at a Small Technology Corporation

Our company has developed a Trusted Space for client-server and Web-enabled applications, allowing businesses to safely access and exchange confidential information electronically through the Internet. As we continue to develop products and services on our internal networks, and our suite of Internet Trust Services helps businesses confidently and securely move key business functions online, the security and confidentiality demands must be adequate. Our in-house IT security team, relying heavily on our past experiences and knowledge, performed an independent security assessment. Even though the people on the assessment team were all internal employees, the review was able to remain independent because of the team's limited knowledge of the internal configuration; the team was made up of recently hired individuals. The following independent security assessment included the areas of its ASP, internal network infrastructure, and firewalls.