Shaya Technologies to tackle network security with Microsoft

South African IT security firm, Shaya Technologies, has achieved a security solutions competency through the Microsoft Partner Programme. This makes Shaya Technologies the first member of the local IT community to gain recognition for their technology security skill under the new Microsoft Partner Programme.

"The number and extent of risk that the average network faces today from malicious attack means that security is no longer someone else`s responsibility. It`s imperative that businesses constantly review and improve their IT security. 99% of the time, when technology is used correctly, it can provide a comprehensive shield of defence," says Principal Consultant at Shaya Technologies, Ian Melamed.

The certification comes at a time when proven security competency and knowledge of security information management are sought-after skills in both the corporate and government technology environment.

Shaya Technologies` ability to pioneer preventative solutions to security threats was first established during the heightened virus attacks of Code Red, Nimda and Blaster. The company developed an internationally recognised satellite-fed virus protection system to provide the latest security patches.

Through this system Shaya Technologies has grown to protect more than 50 000 users in the South African business environment as well as develop a full information security management offering. This extends across security audits, security benchmarking, policy development, system feedback and proactive system protection technology deployment.

"We see companies like Shaya working with Microsoft, to tackle broader security issues like risk management and IT governance as part of our on-going commitment to make network systems in SA more secure," says Colin Erasmus, technology security manager at Microsoft South Africa.

Melamed believes that in 2005, computer and network security will become central to good corporate governance. "Today, most enterprises and service providers are beginning to evaluate and transform their IT infrastructures and supporting processes to comply with legislation. Legislation not only places responsibility on CEOs and CFOs to validate and assure the accuracy of the financial data provided to the SEC, it also significantly impacts organisations in terms of internal controls and processes, which may prompt an evaluation of information technology and IT security policies," says Melamed.

Enforcing internal controls and security of IT systems has meant that many organisations have implemented the International Security Standard ISO 17799 framework as a template for defining controls and policies across information systems and network infrastructure security. The ISO 17799 framework offers best practices for the implementation of security policies and provides organisations with a defined set of controls for information security. Comprised of two parts, the ISO 17799 serves as a reference point to help organisations understand the range of controls required to implement effective IT security.

"With higher demands for improved IT security policies and integrity, CIOs are now challenged with re-evaluating the means by which they manage and secure their networks and business systems. In addition, IP networks are becoming increasingly vulnerable through the accommodation of new technologies such as IP telephony and a growing mobile workforce, comments Melamed.

"This means deploying correct resources as well as processes across the network to ensure minimal vulnerability has become increasingly critical for IT organisations to ensure the systems and databases storing information are completely secure.

"Many enterprises and service vendors are turning to security information management (SIM) as a means to simplify security operations and help staff effectively identify security threats. By monitoring and correlating disparate IT security data from multiple security tools, SIM solutions can reduce large event volumes and help IT staff prioritise their response to events," concludes Melamed.