Security Consulting Services
IGLOO Corporation's information security consulting with the best experiences and know-hows.
IGLOO Corporation, a leading company in information security is an institution expertized in implementing information security consulting and positioned to be a evaluation company on personal information influences. We pursue providing a differentiated value through performing customized consulting by consultant group with the highest competency and rich experience.
-
Security Consulting Service
-
IGAM (IGLOO Corporation Assessment Methodology) is a verified methodology used for performing information security consulting by IGLOO Corporation from the experiences of carrying out information security projects and can be flexibly structured to suit each project.
IGLOO Corporation provides diverse services to improve the level of information security by applying consulting methodology that is modularized by tasks for easier application of systematic and professional services to customers.
-
Advantages of IGLOO Corporation Consulting
-
-
1
Possess Systematic Methodology
Consulting methodology for establishing information security system
Consulting methodology for analytical assessment of vulnerabilities of major communication infrastructure
Consulting methodology for establishing system for personal information protection
Methodology for performing influence evaluation of personal information
Consulting methodology for vulnerability checking
ISMS-P/ISO27001 Certification Consulting Methodology
-
2
Verified Competency
Designated as professional company of intelligence
information security Consulting company
Designated as institution for implementing influence evaluation on personal information
Acquired ISMS and ISO 27001
Designated as professional company of Managed Security Services
-
3
Know-how Utilization
Utilize the best know-how of Managed Security Services/analytical implementation in the industry
Utilize the knowledge obtained from development of information security solution to the consulting service
-
4
Maintenance Service
Provide consistent maintenance service based on competent human resource
Provide advisory service by legal expert institution
Secure customer accessibility by utilizing branch located in Daejeon and Gwangju
-
1
-
IGAM
IGLOO Corporation
Assessment Methodology -
IGAM (IGLOO Corporation Assessment Methodology) is the fundamental methodology of consulting business department that have been verified by many projects carried out by IGLOO Corporation.
IGAM has the following advantages
Improves understanding of customers in business
Configuring Security Risk core values and restructuring methodologies that are appropriate for the flyer business based on a sufficient understanding of the customer's business
Realize lower methodology by form of information protection Consulting business after structuring WBS of master level
Reorganize or restructure to suit the property of the project for all analysis and application techniques of lower methodology
Systematic Assessment
Apply various qualitative and quantitative risk analysis theories in order to obtain analysis results that are closest to the actual according to the process and asset protection methodology of the customers.
-
Utilization Area of IGAM
-
-
Establish information security management system
Establish personal information security management system
Establish technological security system
Establish information security management system
-
Information security diagnose consulting
Inspect vulnerabilities of information system – Server, network, DBMS, WEB, WAS
Development security (source code)
Reflect latest security technique
-
Information security diagnose consulting
Comply with information and Communication Infrastructure Protection Act
Provide procedure for preventing overlap or omission of controlled items proposed by relevant law
-
Influence evaluation of personal information
Based on Personal Information Protection Act
Provide procedural confidence to prevent overlap or omission of controlled items proposed by the relevant law
-
Risk management
Reflect information protection momentum centered around process focused on assets
Expand alignment Consulting area between Biz and security
-
Supportive Consulting for acquiring authentication
ISMS
ISMS-P
ISO/IEC 27001
-
-
Introduction of Information Security
-
The information security establishes improvement tasks on elements of cyber-threats by inspecting managerial, physical and technological vulnerabilities. By establishing an implementation roadmap for the derived improvement tasks and providing a master plan for information protection, we present a blueprint for step-by-step enhancement of customer information protection levels.
Purpose Target To provide an overall information security master plan by analyzing information protection statuses and security issues of customer companies based on the latest information protection acts and standard
Company or institution that wishes to be inspected on overall information security
Company or institution that wishes to establish an information security management system and related standards
-
Implementation Procedure of Information Security
-
IGAM-MP(IGLOO Corporation Assessment Methodology for Master Plan) is a verified methodology to thoroughly inspect managerial and physical information security management systems based on IGAM of IGLOO Corporation, and can be flexibly structured to suit the relevant project.
-
Expected Effect of Information Security Consulting
-
Can comprehensively understand risk and its potential damage regarding information security within an organization
Perceive budget and details of measures required for improvement for implementation tasks
Can set systematic and planned budget and invest resource by establishing information security roadmap
-
Introduction of Personal Information Protection Consulting
-
Verify validity of personal information protection related laws, and by analyzing the process of personal information handling tasks and inspecting weaknesses of the personal information processing system, deduce penetration elements of personal information and propose improvement measures
Purpose Target To propose improvement measures by analyzing personal information processing status and personal information protection issues of customer companies based on latest personal information protection laws and standards.
Company or institution that wishes to be inspected on overall personal information protection management system
Company or institution that wishes to set personal information protection management system and related standard
-
Implementation Procedure of Personal Information Protection Consulting
-
This methodology has been verified to enable thorough inspection on managerial, technological and physical security items on the personal information protection aspect of customer companies based on IGAM of IGLOO Corporation, and can be flexibly structured to suit the property of relevant project.
-
Expected Effect of Personal Information Protection Consulting
-
Supplement information protection policy/guideline/procedure within organization based on personal information protection related law
Train and increase recognition of compliance on personal information related measures for the managers of personal information.
Protect and reinforce the benefits and rights of the information holder through prevention activity from attacks and leakage of personal information
-
Introduction of Privacy Impact Assessment (PIA)
PIA: Privacy Impact
Assessment -
Based on inspection items required by personal information influence evaluation, personal information penetration elements are deduced from flow analysis on personal information handling duties by life cycle to establish improvement measures, prevent penetration incidents and raise confidence in the personal information processing environment.
Purpose Target To propose improvement measures by analyzing management of personal information processing system and personal information protection issues of customer companies by focusing on influence evaluation and latest personal information protection laws
A company or institution that wishes to be inspected on personal information processing and protecting status on developing or new personal information processing systems according to the Personal Information Protection Act
-
Implementation Procedure of Personal Information Influence Evaluation
-
IGAM-MP( IGLOO Corporation Assessment Methodology for Personal Impact Assessment) is a methodology verified to enable inspection on managerial, technological and physical security items of personal information processing systems based on IGAM of IGLOO Corporation. During inspection, inspection items are thoroughly inspected focusing on the latest NIA personal information influence evaluation inspection items.
-
Expected Effect of Personal Information Influence Assessment
-
Can obtain legal validity on personal information protection related laws by inspecting management system of personal information protection of target institution and system
Through the personal information protection inspection for each processing stage, the effect of raising awareness of the matters that personal information handlers must comply with can be expected.
If implementing influence assessment on personal information processing system in the designing and building stages before operation, improvement measures can be applied at much lower cost and effort compared to system in operation after building.
-
Introduction of Certification Consulting
-
Establishes protection measures to risks deduced from status analysis based on inspection items required by each certification, and provides consulting service to all processes from preparation to acquisition of certification by supporting document condition preparations such as implementation evidence required for certification procedures.
-
Major Certification Supporting Consulting Area
-
IGLOO Corporation Consulting business department implements Consulting of information protection certifications below.
ISMS ISMS-P ISO/IEC 27001
-
Implementation Procedure of Certification Consulting
-
IGAM-BCMS (IGLOO Corporation Assessment Methodology for the Consulting Framework of Business Continuity Management System) is a methodology developed to assuredly implement all certification supporting duties from preparation to acquisition of certifications based on IGAM of IGLOO Corporation.
-
Expected Effect of Certification Consulting
-
Reinforce safety by systematic and consistent information protection management activity
Expand investment budget of information protection and establish governance system by improving perception on information protection by management
Various benefits to certified company and corporate image improvement by enhancing customer confidence
-
Introduction of Communication Infrastructure Consulting
-
IGLOO Corporation establishes and provides protection measures to vulnerabilities by performing analysis and assessment and by inspecting items of cyber security that threaten operation of major information communication infrastructure facilities.
Target: Institution managing major information communication infrastructure facility registered according to the Act on the Protection of Information and Communications Infrastructure.
-
Major Services of Communication Infrastructure Consulting
-
While performing Consulting for major information communication infrastructure, the following diagnoses on vulnerabilities are performed to establish and provide protection measures.
Identification and classification of asset
Diagnose vulnerabilities of information system (server, network, DBMS, security system, WEB/WAS, PC)
Diagnose vulnerabilities of web application (simulated hacking)
Analyze degree of risk
-
Methodology of Performing Communication Infrastructure Consulting
-
IGAM-ITI (IGLOO Corporation Assessment Methodology for the Consulting Framework of Information Communication Infrastructure) is a methodology developed for smooth implementation of diagnoses for technological, managerial and physical vulnerabilities on major information communication infrastructures based on IGAM of IGLOO Corporation.
-
Major Services of Communication Infrastructure Consulting
-
Secure legal validity for Clause 9 of the Act on the Protection of Information and Communication Infrastructure
Assure stability of country and lives of people by preventing cyber-attacks for major information communication infrastructures in advance and promoting stable operation of facilities
-
Introduction of Vulnerability Inspection Consulting
-
Vulnerability inspection consulting diagnoses technological weaknesses on major information systems (server, network, DBMS, information protection system, etc.) operated by customers and proposes protection measures to deduced threats to improve security and decrease the risk of occurrence of incidents.
-
System/Web Penetration Testing
-
In order to find out the technological and potential vulnerabilities of web services in operation, IGLOO Corporation uses hacking techniques used by hackers to carry out penetration testing to inspect webpages.
-
Diagnose Vulnerabilities of Source Code
-
Perform diagnosis on source code by categorizing into verification and indication of input data, security function, time and status, error processing, code error, encapsulation, and misuse of API according to the obligation of source code inspection.
-
Expected Effect of Vulnerability Inspection Consulting
-
Reinforce stability on information system with vulnerable security setting by diagnosing vulnerabilities
Eliminate potential risk of attacks by performing penetration testing
Eliminate potential risk by application level by diagnosing vulnerabilities of source code, and improve perception of developer and technological level on safe coding
-
Introduction of SOC Consulting
-
In order to provide enhanced security and rapid response to security events throughout the network, building a Security Operation Center (SOC) can be an essential task for your cyber security. SOC will be designed in the manner that optimally utilizes and draws out the performance of the equipment and the characteristics of heterogeneous security devices.
Goals of Each Phase
Phase Goals Requirement Analysis
Build proper implementation plan and schedule to successfully carry out the Consulting and make preparations for consulting activities to produce quality deliverables
As-Is Analysis
Perform current status analysis of core IT assets, relevant IT infrastructure, organizations, personnel, relevant policies and any other environ-ment that can affect the Project
SOC Analysis
Establish detailed SOC design plan for the Project based on the result of the As-Is analysis
Review & Report
Share the SOC design plan for review and finalize the plan as well as provide all the deliverables such as the proposals for SOC implementation, operation, and training