The VeriSign® Managed
Security Services process ensures that every event is handled effectively
and efficiently by our security analysts. We constantly improve our
policies and practices to define what we do, how we do it, and the way
we document it.
Transaction-Based Process
Security-related
events generate a prioritized trouble ticket queued for handling by
a VeriSign information security analyst who takes ownership of the ticket
through to completion. The security analyst initiates an appropriate
response, which may include blocking the attack, generating a report
for review on the VeriSign® Enterprise Security Portal, and contacting
the client to discuss response and remediation.
Business-Focused Response
The increasing complexity
of network systems and the rising sophistication and frequency of attacks
requires a measured response to alerts and warnings. Responding to every
threat or event is hardly feasible. Our risk-based methods factor in
client data across managed security services, vulnerability awareness,
industry threats, and global intelligence to help you prioritize your
resources without compromising regulatory compliance.
Compliance Driven
VeriSign is safe
harbor certified and meets SAS 70, Type II requirements. We base our
security services methodology on internationally recognized standards
of good practices and principles:
- The Information Security Forum’s (ISF) Standards of Good Practice
- ISO17799: International Organization for Standardization, Code of
Practice for Information Security Management
- U.S. General Accounting Office (GAO), Executive Guide, Information
Security Management: Learning From Leading Organizations
- Information Systems Audit and Control Foundation (ISACF), Control
and Objectives for Information and Related Technology (COBIT)
Worldwide Sites
