Home
Services
Products
Principles
Biography
Articles
Contact Us
 

© Crisp Telecom Limited

                            Standards Links ISO
ETSI
3GPP
JAVA
EMV
MULTOS
ITSO


SERVICES

Security Reviews

We are increasingly reliant on the use of IT systems and mobile smart phone platforms in our normal day-to-day business and personal activities. It is of paramount importance that these systems are sufficiently secure to protect and secure sensitive, valuable and private data, and associated storage, communications and transactions. Therefore the design and use of such systems should be in accordance with best practices for information security that have been developed by industry, government and the worldwide expert community. However, it is also important to realise that there are often practical and financial constraints, especially with legacy systems and that a lot of effort in information security is working with imperfect solutions.

Concerns about information security (or cyber security) have never been greater with huge numbers of attacks and malware targeting our personal platforms (smart phones, PCs, tablets etc) as well as traditional servers and Cloud-based services. New apps and services are often rushed to market with rarely enough attention given to security threats, attack resistance and impact minimisation.

Crisp is extremely active and experienced in providing highly expert security reviews and risk assessment of complex IT systems, including those using modern devices such as mobile phones, smart cards, NFC, RFIDs, PCs and server systems. Crisp has reviewed a wide range of systems, although the company is especially well known for its reviews of international transport ticketing systems and references can be provided on request.

Note that the Crisp Director has many years of industry experience, but is also a Professor of Information Security. The majority of Crisp employees and/or expert associates also have strong backgrounds in advanced information security.


Standards

The success of a product in many cases is dependent on international standards. The ability to understand standards, identify key issues and adopt successful strategy can have major effect. Equally important is to know what can be realistically achieved within particular forums given the diverse business interests of the participants.

For smaller companies the emphasis may be to passively monitor standards. Here assistance may be required to explain the details, receive advance warning of major changes or simply to have a presence at key meetings.

Larger companies may aspire to proactively influence the standards and this requires a major step up in class and ability. International standards are intended primarily as technically driven, objective work-groups, however whilst this is still partly true, the key players attempt to drive strategy, for commercial advantage. One person with a great solution, when faced with 20 organised people supporting a lucrative but mediocre solution, will probably lose.

To make progress in standards, Crisp can help you to understand the players and develop an effective “street-wise” strategy that will lead to consensus.