General 3min de Leitura - 26 de April de 2018

What is Information Security Diagnosis and why is it important?

Homem sentado em frente ao computador em uma sala escura, com textos de linguagem de programação refletidos sobre ele e a parede atrás dele

This post is also available in: Português English Español

Information Security is a new concept for many technology professionals. This is a critical factor: while analysts and IT managers invest in digital security, their business maturity levels are not always met by the required standards.

Often, the problem is further intensified by not recognizing the fragility and maturity of their business. According to a Norton by Symantecreport, about 61% of the country’s population was a victim of cybercrime in 2017. This corresponds to approximately 62 million Brazilians connected to the Internet and involves individuals, companies and public agencies.

Companies need to identify where they are most ineffective and thus adjust their efforts to gain full protection. In this blog post, will be presented characteristics of the Information Security Diagnostics (DSI) – a vital tool for this type of recognition, developed by OSTEC.

If you want to know more about the diagnostics, its importance and what factors are taken into account in the evaluation, keep reading.

What is the Information Security Diagnostics?

ISD, an acronym for Information Security Diagnostics, is a tool that assesses (as the name suggests) the processes and resources related to information security of companies,producing a prognosis; that is, it analyzes several areas and generates an evaluation result of the corporation’s maturity in the digital security standards.

The Information Security Diagnosis developed by OSTEC is not a simple business consultancy. It is mainly a tool that provides autonomy to the user and allows visibility of the general panorama of a business. Its functioning is based on a judicious questionnaire, which seeks the veracity of the answers provided by the individual. Thus, it provides adequate explanations for doubts and identifies potential security bottlenecks in the company.

With ISD, the company’s Information Security officers can become more comfortable in their day-to-day activities because their efforts will be focused in a way aligned and consistent with the needs of the organization.

It is important to point out, however, that the tool does not detract from the importance of a specific evaluation done by specialists in the area of ​​Information Security.

What factors are evaluated?

There are many aspects evaluated in the diagnosis, since security of a corporation must be treated in a detailed way. The fight against virtual threats happens through several factors that contribute, in various ways, to engage the team in its productivity and increase the high availability of the Internet.

Some of the most relevant factors, however, are:

Governance and Compliance

In this category, the most organizational aspects, the use and compliance of norms and internal policies are evaluated.

Control and Productivity

Here we analyze whether the controls within the organization are valid, if they provide assistance to employees and influence productivity.


Very important factor for the business, in this aspect are evaluated all the items and resources that need to remain available, without interruption and with high efficiency.

Visibility and Traceability

In this, it is verified the tools that detect anomalies in the network structure, allowing the visibility of intrusionsand abnormal processes, in addition to identifying responsible for certain actions.

The Importance of Information Security Diagnostics

ISD is not intended exclusively for large corporations, but for corporations that think big. This is because it can be used by all companies regardless of size or industry.

With the tool, you can kick start the activities of the company in relation to information security, improving them assertively. After all, a strategy involves a long set of actions: planning, team awareness, monitoring and continuous improvement. In this way, having a complete diagnosis is to have a guide that can – and should – be used for the development and protection of the company.

So, if you’ve been interested in looking at your company’s organizational commitment, we have developed a totally free trial that will be released on May 9th at 3:00 p.m.The tool will be available in an exclusive webinarfor subscribers and with the participation of specialists in Digital Security. Entries for the broadcast are already open and are limited. Sign up nowand be the first to know the powerful features of ISD.

Keep reading

[latest_post type=’boxes’ number_of_posts=’3′ number_of_colums=’3′ order_by=’date’ order=’ASC’ category=’problem-recognition’ text_length=’100′ title_tag=’h4′ display_category=’0′ display_time=’0′ display_comments=’0′ display_like=’0′ display_share=’0′]


This post is also available in: Português English Español