Information Security & Compliance

Ensuring Data Security, Reliability & Integrity

Information protection is vital to any business. Being the internet age with a far-reaching impact of cloud computing and e-commerce development, the level of security protocol requires an additional degree of security measures. As data security dimensions evolve, clients prefer to seek the best solutions in terms of information security and risk management.

We, at Computer Gate, offer standardized consultancy services in order to determine IT security for our global clientele. From applications to network security, we have the competence to implement a strategy to mitigate risk and avoid any costly penalties for non-compliance for any business, regardless of location, size, and industry.

SSAE16 Type I/Type II (SOC1 SOC2)

Strengthen and secure your IT Control structure and help your clients gain confidence in your services and business with a SSAE16 Type I or Type II.

ISO 27001

Implement an Information Security Management System that uses the best practice contained in ISO27001 and which gets you certified right away.

IT Security Audit

Align your IT and Security with your business needs to increase your revenue. Find out how secure your network and applications are and get professional guidelines on remediation to improve IT security. Get a Risk Assessment and a full security audit to close all gaps

PCI DSS

The Payment Industry is a hot target for hackers. Credit/Debit card providers and payment processors are challenged to secure their network and services with the strictest security controls.

Our Services

Define and Validate Controls, Policies and Process

We design control objectives for SSAE16 and IT Security policies and procedures as per the requirements of any industry standard as well as your business’ internal control structure. Depending upon the requirement, we evaluate, and also validate, map and redefine the existing controls, polices and templates for design and effectiveness.

Examine the Environment

Scoping out a high risk area where security controls are to be applied and audited is the key to an effective security framework. We identify the scope of all the secure practices and workflows to confine any potential risks to the minimum level in office premises, networks, systems and processes for any audit and certifications. We authenticate the presence of cardholder data by assessing cardholder data presence in your environment. We identify and evaluate data flows in your, systems, network connections and the application itself to scope put the PCI DSS applicability scope. Our experts can help you present most feasible options from tokenization to network segregation to limit the cardholder data scope and therefore minimizing the risk area and audit scope. Also, we map out client’s network diagram and prepare a document comprising of a detailed scope analysis in accordance with PCI auditor’s requirements.

Readiness Assessment / Gap Analysis

We perform an in-depth analysis of the client’s current policies, procedures, network structure, applications flows, Operational processes and data controls to identify any gaps and risks. We also execute a readiness assessment against the clients’ chosen certification with the intention of verifying that all processes are in compliance and ready for certification. This includes a live review of all systems, policy procedures, controls and data flows. Additionally, we guide them to close the gaps and maintain that each prerequisite is adequately managed. In case to watch out for deficiencies, we present a detailed report comprising of corrective measures that accurately address the situation. We also perform a full mock audit for preparing your staff and running an evidence gathering and interview practice for actual audit.

Internal Vulnerability Scans

Computer Gate has a team of certified experts to perform internal and external vulnerability scans at the application and network layer. Moreover, we perform penetration tests on your scoped network, making sure that it meets client and PCI audit requirements (particularly #11). We take our clients all the way to the remediation and compliance stage by not only issuing a report with vulnerabilities categorized as per CVE ratings but also perform re-scans until remediation are in place to get a clean report.

On site Audit Co-ordination for your Certification

Our team is on board throughout the clients’ external audit and liaises with the auditor on their behalf, providing them with appropriate documents and answers.

Self-Assessment Questionnaire

Fill out your PCI DSS Self-Assessment Questionnaire – SAQ A through D as applicable.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.