Share :
Infrastructure security offer
The CIDR offer provides the foundations for safe operations. From the lowest layers, such as the network or operating systems, right down to the data, which in many cases is the most important part of the system. carries the company’s wealth (patents or customer address books, to give just two examples), our offers – whether “packaged” or tailor-made – focus on secure these elements by applying best practices. From the first measures to get out of the “humiliation zone” to the complex specifications for sensitive information systems (IM900/II901, RGS, etc.).
Cryptography
Cryptography is omnipresent in our systems, and in most cases is invisible to the user (and in this way achieves the goal of all security systems). However, the possibilities for applying cryptography are not always the default choices, and are sometimes complex to set up and maintain.
That’s why we support our customers in :
and all the satellite components required for its operation (HSM, CMS, smart card, etc.).
- Applying TLS
- Secure remote access (VPN)
- Device encryption
- User data encryption
- Application data encryption
- Machines (on the network or between machines)
- Users (MFA with certificates, e.g. for Windows SmartCard Logon)
Discover some of the technologies we work with:
- PKI/IGC/IGC: ID PKI (Atos), AD CS, EJBCA (KeyFactor), Entrust
- Hardware Security Module (HSM): TrustwayBull Proteccion (Atos), YubiHSM (Yubico), nShield (entrust)
- Data encryption: ZoneCentral (Prim'X), Oodrive, Stormshield Data Security
- Device encryption: Cryhod (Prim'X)
- Cloud encryption: Google EKM, Data Security Manager (Fortanix)
- Remote access encryption: GlobalProtect (Palo Alto), Prisma Access (Palo Alto), FortiClient (Fortinet), Netskope
Infrastructure
By “infrastructure” we mean everything that supports the final IS services, from “high-level” activities – such as design or consulting – to the most technical (OS hardening, for example).
Most of our projects involve a design phase, defining the architecture and integrating it into the company’s existing IS.
However, certain needs and contexts call for special, or even exclusive, attention to be paid to the latter (since the “technological” components of the project are either not dimensional or fixed). This is particularly true for the creation or compliance of sensitive information systems. Backed by extensive experience in these particular contexts, we help our customers to study the texts relevant to their regulatory constraints (IM900/II901, IGI1300, RGS, etc.) and define with them the architecture choices that will guarantee compliance, and hence the security of their activities.
On a more “micro” scale, our infrastructure activities also include secure operating systemsWe can also help you with techniques and processes related to backups and PRI/PCI implementation.
All these activities are combined (when relevant) on-premise and in the cloud.
Data
As mentioned above, we support our customers in managing the right to know – which encryption makes possible. But this is not the only area of data protection, nor is it the first: to protect an asset, you first need to know what it is, both quantitatively and qualitatively.
If inventory is a problem for systems, it’s a colossal task for data: volumes are exploding, and so are storage locations – between historical on-premises and multiple CSPs.
Synetis offers tools and methodologies for all these projects:
- Data inventory and mapping ;
- Data classification ;
- Monitoring and protection against data leakage ;
- Right-to-know management ;
- Management of legal requests and obligations (RGPD, right to be forgotten, etc.).
Discover some of the technologies we work with:
- ZoneCentral (Prim’X)
- Oodrive
- Stormshield Data Security
- Cryhod (Prim’X)
- Google EKM
- Data Security Manager (Fortanix)
- Symantec
- DigitalGuardian
To support companies and organizations of all sizes, we also offer a packaged solution: GOENCRYPT – turnkey data encryption solution:
Encryption via ZoneCentral and/or Cryhod – of of devices and user data (local, collaborative and “in transit” by e-mail).
To support certificate-based user authentication on these solutions.
- Symantec
- DigitalGuardian
Networks
Our teams of experts support our customers at every level of the network. Whether in theapplication of best practices or recommendations on an existing network, installation or migration to new firewalls, review of filtering rules or automation of their deploymentor the securing remote access in “historical” operation (VPN) or in ZTNA models (SASE / CASB), we support companies and organizations in securing their network projects.
That’s why we support our customers in :
FireWall Fortinet, Palo Alto, Stormshield
Automation : Tufin
SASE Netskope, Prisma Access (Palo Alto)
Secure remote access GlobalProtect (Palo Alto), FortiClient (Fortinet)
With our CIDR offer, we support our customers in implementing IS security and securing their business operations. Thanks to this collaboration, sound foundations are built, enabling companies to add new solutions and services with peace of mind.