P.I.T.M.A Security Framework

The PITMA security framework comprises of the following phases: Policy, Implementation, Training, Maintenance, Auditing. Whether your company is just starting up or has been established and functioning for a long time, PITMA is designed to fit both scenarios. The PITMA security framework gives you a complete security solution so that you don't have to worry about "inadequate security" in any part of your network.

The PITMA security framework

Expand All | Collapse All

Policy

First stage of the PITMA security framework is Policy. Having a Security Policy is the foundation for a solid and complete security solution. In this stage, FONIQ will either:

Write the necessary security policy for your business if you don't already have one;
Or verify if your current policy is up to date and current.

Implementation

In order for this stage to be successful, a Security Policy must be existing and current. FONIQ will refer to the Security Policy that has been drawn up from the previous stage to implement the security safeguards as directed and agreed upon. This stage includes but not necessarily limited to these steps:

Firewall implementation and configuration
Network/Operating System hardening
Intrusion Detection System implementation and configuration.
Implementation and configuration of other security safeguards in accordance with your security policy

Training

Why is Training in the PITMA security framework? Because FONIQ want you to be able to maintain the security posture after the Implementation stage. There's no reason to secure your network infrastructure if you don't know how to maintain it. FONIQ understand different people have different needs and different types of training are available to suit your needs. FONIQ will:

Raise security awareness among your users by providing Security Awareness Training (Non-Technical)
Raise your management's responsibilities toward the overall security posture of your company (Non-Technical)
Raise your security/system administrators' skills so that the security posture of your company can be improved and maintained

For additional information, please click on the following linkTraining

Maintenance

FONIQ will maintain the security of your network for a period of time (To-Be-Determined upon agreement/contract). The maintenance stage is to verify and assure that your network is operating in a predictable and secure manner. At this very stage, FONIQ will:

Make the necessary updates to your Network/Operating System
Make sure that changes or updates to your Network/Operating System do not in fact introduce any new vulnerabilities
Install additional security countermeasures if deemed necessary.
Maintain the security state of your network.

Audit

Auditing is the final part of the PITMA security cycle, yet it also plays a very important role. Auditing is to verify the correctness of the implemented security controls by performing various security audit against your network to identify weaknesses. FONIQ will continuously perform security audit against your network for a period of time (To-Be-Determined upon agreement/contract). At this stage, FONIQ will make sure:

The implemented countermeasure does what it promises (as directed in your Security Policy)
All errors and omissions are addressed during the audit and will be corrected after the audit
Additional security controls are implemented to address the issues/findings
All additional changes and findings are reported to your Management

This is your one stop complete security solution. You will enjoy the full security services given by PITMA. You will get everything done from A to Z (Risk Assessment, Security Policy Writing, Penetration Testing, Security Training, Security Implementation, etc.). If you're now convinced that PITMA is right for you then please do not hesistate to contact us for quote.