For ENIGMA, information security is the practice of preventing access, use, disclosure, interruption, modification, inspection, recording or unauthorized destruction of information.
The main area of interest for ENIGMA is the balanced protection of confidentiality, integrity and data availability, while maintaining the focus on the efficient implementation of policies and without significant impediments to the productivity of the organization.
ENIGMA performs strategies, guidelines and protocols to address and support companies and organizations on efficient security policies with regard to:
authenticated access, password, antivirus software, firewall, encryption, legal responsibility and standard user/administrator training.
ENIGMA area of operation
ENIGMA deals with information security that conceives as a set of means and technologies aimed at the protection of information systems with particular regard to the situations and conditions of availability, confidentiality and integrity that the relationship Utilities - assets / IT assets implies.
The term is often replaced by the neologism cybersecurity, which represents a subclass of the broader concept of information security. In the Vision of ENIGMA the "cybersecurity" remains, however, that area of information security purely and exclusively dependent on information technology.
Which threats do we have to face?
Cyber threats come from multiple ways. Some of them are: software attacks, theft of intellectual property, theft of equipment or information, identity theft sabotage, which usually consists in the destruction of a company website, causing a loss of trust in its customers, and misappropriation of information, aimed at extortion consisting in the theft of a company's property or information as an attempt to receive a payment in exchange for the return of the information or property to its owner, as in the case of ransomware.
Most of companies have undergone software attacks of some kind: virus, worm, phishing and Trojan are the most common.
These attacks are conducted in order to get illicitly:
- Theft of intellectual property
- Identity theft
- The sabotage that usually consists in the destruction of an organization's website in an attempt to cause a loss of trust from its customers.
- The misappropriation of information aimed at extortion consisting in the theft of a company's property or information as an attempt to receive payment in exchange for the return of information or property to its owner, as in the case of ransomware.
There are many ways to protect against some of these attacks, but one of the most functional is user attention.
Governments, corporations, financial institutions, hospitals and private companies gather a big quantity of confidential information about employees, customers, products, research and financial status.
Most part of this info is collected, worked and filed on computers and transmitted through networks to other computers.
If confidential or financial information about customers and companies, or about new lines of products are caught by a competitor or by an hacker black hat, damages can be irreparable, both reputational and economic.
ENIGMA offers many areas of specialization, such as IT security, security of networks and infrastructures, application and database security, security testing, information systems auditing, business continuity planning, electronic record detection, digital forensic analysis, training and technical advice.