Security Services

Advanced security solutions
Explore Our ServicesVisit Our FAQ

Data-Driven Systems

Information systems (IS) are the core components of companies and organisations; they enable data to be exchanged and communication to take place through a combination of liveware, hardware and software components.
Data breaches are happening constantly and the attack surface is expanding. It is vital that companies know how to protect themselves effectively against the increasing number of malware, ransomware and phishing threats.

Digital transformation and mobility, generated by the development of tele-working, are giving rise to new risks that expose companies across all sectors to new, increasingly frequent and aggressive threats. Data security is therefore becoming a major issue for companies, and cybersecurity is one of the most important challenges they now face.

In order to protect their facilities against malware, spyware or viruses, companies rely on experts to advise them, identify risks and vulnerabilities, help them strengthen their systems and defend themselves against cyber attacks.

A Global Expertise

Sonema delivers a comprehensive approach to network and IT security, ensuring continuity of service and protection of our customers’ assets. As telecommunications networks are the foundation of IT infrastructures, it is vital to be able to secure data, traffic and customer applications.

To increase the security of your networks, Sonema will help you define, implement and monitor compliance of a global security policy for your IT system.

From prevention and detection to response, Sonema has designed managed service packages that protect your business from cyber attacks and malware, and also ensure the authentication, confidentiality, integrity and non-disclosure of your system information.

Sonema provides support for your global cyber resilience strategy.

Get our Free White Paper on Security!

This white paper aims to describe the various threats companies are exposed to, and describe the main technical and organisational solutions to set up.

Benefits

Security Expertise
  • Resilient, secure and highly-available facilities
  • Equipment set-up and management, incident management by certified experts
Innovative Services
  • Support to understand vulnerabilities and remediation processes
  • Solutions tailored to meet business needs and applications
  • Partnerships with industry-leading security technologies|
Management tailored to your requirements
  • Management of customer equipment
  • Managed services from our datacentre

Discover our Security Services

Network Access Control

Manage your users’ access permissions to improve your cyber resilience.

Bastion

Enhance your security with advanced privileged account management.

Access Protection

Secure identity and access rights management solutions for your network.

Pentesting

Monitor your level of protection by carrying out intrusion tests on your Information System (IS) and networks.

Audit & Consulting

Risk assessment and support from our experts to implement your security policy.

Data Protection

A complete range of solutions designed to protect you against cyberattacks and advanced network threats.

Mail Protection

Advanced and powerful protection against spam and malicious programs targeting your mailbox.

Cyber Security Awareness

Cyber security awareness training enables your employees to adopt the correct approach in order to avoid data loss.

Frequently Asked Questions

What does cyber security mean?
Cyber security encompasses all security measures which may be taken in order to protect against attacks designed to jeopardise the proper functioning of the IT and communications systems used by individuals, businesses and administrations and the physical safety of facilities which are critical for national security.
What is a Sandbox?
A Sandbox is a concept generally used for software development. Its aim is to isolate an application or a piece of code which has not been tested or isn’t recognised by the system in a closed and independent environment whilst replicating the characteristics of the operating system. A behavioural analysis of the code is carried out within the sandbox environment where it can be handled, studied or altered with no impact to the operating system.
What is a firewall?
A firewall filters data flows from one network to another. It protects network traffic and is capable of identifying and blocking unwanted traffic or traffic which does not comply with the user’s predefined rules.
What is a WAF?
A WAF (Web Application Firewall) or application firewall protects web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It protects web applications from attacks such as cross-site forgery, cross-site-scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defence in the OSI model.
What is a DDoS attack?
A distributed denial-of-service (DDoS) attack is a malicious attempt by hackers to overwhelm a host, server or web application by sending a flood of Internet traffic to saturate the system and create total service disruption.
What is the PCI DSS?
The PCI DSS (Payment Card Industry Data Security Standard) is an information security standard which applies to the credit card industry. Created and administered by the Payment Card Industry Security Standards Council, the aim of the PCI DSS is to reduce credit card fraud. It is applicable to all organisations which handle credit card data. Validation of compliance is performed either by an external Qualified Security Assessor or by Self-Assessment Questionnaire for companies handling smaller volumes of credit card data.
What is a VPN (Virtual Private Network)?
A Virtual Private Network is an encrypted link between a user and a remote server, or between different private network facilities anywhere in the world using a WAN/Internet link to send and receive data.
Multiple tunnelling protocols can be used including SSL/TLs and IPSec.
What does IPSec mean?
IPSec (Internet Protocol Security) is a secure network protocol suite which safely authenticates and encrypts packets of data sent over an Internet Protocol network . It was designed as the Internet security protocol for both IPv4 and IPv6 and enables security features related to user authentication and data confidentiality.
IPSec is also used to establish VPN links as it can securely connect 2 IT systems using an existing network.
What does SSL mean?
SSL (Secure Socket Layer) is the standard communications protocol for establishing an encrypted link between a web server and the customer (PC, tablet, laptop etc). Created by the American company Netscape in the mid 90’s, it is based on an encryption procedure using
a Private Key and a Public Key. These keys work together to create a secure channel of communication between a customer and a server downstream of an authentication step. The SSL encryption ensures that important data like user names, passwords etc sent by the user to the server remain private and integral.
What does TLS mean?
TLS (Transport Secure Layer) is a successor to the secure socket layer which uses the features of SSL 3.0 whilst improving certain functions and algorithms. It is more efficient than SSL because unlike SSL it supports pre-shared keys, secure remote passwords, elliptic curve cryptography and Kerberos.

TLS and SSL are not interoperable but TLS offers upward compatibility for older machines which are still using SSL.

The TLS protocol specifications take place on 2 levels:

  • The TLS Record Protocol which ensures that the connection is private
  • The TLS Handshake Protocol which allows authentication between the server and customer and the negotiation of cryptographic keys before the application protocol transmits any data.
What is strong authentication?
Strong authentication is any method of allowing a user to access resources (systems, networks, applications) by combining at least two factors of authentication. The aim is to address the weaknesses of single sign-on systems which rely on only one factor of authentication (usually a memory factor such as a password) in order to make authentication more difficult to withstand an attack.

Strong authentication therefore combines several authentication strategies including:

  • Something You Know – includes passwords and phrases
  • Something You Have – includes smart cards and token devices
  • Something You Are – includes fingerprints and retina scans

This information is then linked to an identity and access management solution which is in turn linked to the company’s directory or a metadirectory which references all the base users and their rights.

What does SSO mean?
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials to access multiple applications. The user creates a password at the beginning of the session and can then access several IT applications without having to renter their login credentials for each application.

SSO eliminates the need for users to remember and manage several different sets of login credentials or passwords.

However, by grouping a user’s authentication credentials, SSO increases the value and amount of data which may be breached in the event of the password being stolen.

What is penetration testing?
A penetration test is a method of evaluating the security of an information system or a computer network.

It consists of testing the security of a computer network infrastructure by simulating an attack by a malicious user or even malware. The tester assumes the role of the potential attacker (hacker). The aim is to find exploitable flaws and vulnerabilities and to define an action plan to improve the security of the information system.

What are the different approaches to penetration testing?
Black Box Testing: involves breaking into a system without any information. The hacker discovers the environment and tries to figure out how to get into the target system as an outside attacker might do.

Grey Box Testing: the tester attempts to break into the information system with a limited amount of information. This makes it possible to verify the flaws in a system by posing either as a company employee with internal access, or as the starting point for a hacker who has succeeded in obtaining an employee’s credentials

White Box Testing: This method offers the tester the possibility of detecting a maximum number of security flaws. By having access to all the desired information, the pentester is then able to inspect the system from top to bottom and reach a stage that might not have been reached with a different method. In this case the tester works closely with the company’s technical teams.

What does SOC mean?
A SOC (Security Operations Centre) is a service with dedicated staff, facilities, systems and software dedicated to monitoring and handling all or part of the company’s IT security operations. As a centralised unit, the SOC is designed to offer a broader global view of system-wide activities and to prevent, detect and handle security incidents efficiently.
What is Ransomware?
Ransomware is a type of malicious software, or malware received by email or contracted by visiting an infected website which is designed to deny access to a computer system or data by encrypting information such as customer files, accounting, invoices, quotes, designs, photographs, emails etc) until a ransom is paid by the victim. The victim then receives instructions about how to pay the ransom.
What is a Botnet?
Otherwise known as a network of robots or of zombie computers, a Botnet is a network of devices whose security has been breached and which are controlled by a hacker. The network is designed to allow the controller to send instructions to all or some of the Botnet machines and to operate them for his own purposes.
What is Phishing?
Phishing is a fraudulent attempt to steal a user’s identity or to obtain information such as usernames, passwords and banking details. The hacker poses as a legitimate institution to lure users into enter sensitive data on a fake website. Typically the user receives an email asking them to visit the fake website.
What is a Vulnerability?
Vulnerability refers to a flaw or weakness in the design, development, installation or configuration of a system or the specifications in the way it is used, which leaves it open to attack either through malicious intent or through error. A vulnerability may be exploited by code and lead to an intrusion in the system.
What is a Digital Identity?
Digital identity is information used by the Internet to represent an individual. This identity is generated by the individual’s online activity as they surf the web and communicate with companies and individuals leaving an active or passive permanent trail of data.
What is an ISP?
An ISP or Information security policy is a set of policies issued by an organisation to ensure a certain level of security. The ISP reflects the strategic approach of the organisation’s management team (SME, IMP, industry, administration, State, Union of States etc) with regards to the information security policy. It is a fundamental component when defining the goals to be achieved and the means to achieve them.

The process for defining this policy is based on a risk analysis of the IT system security.

Once it has been validated by the organisation’s IT security team, the ISP must be given to all those concerned by the IT system (users, operators, sub-contractors, providers etc.) It acts as a communication tool for the organisation and its ISP responsibilities, plus the resources available to prevent against risks.

What is ISO 27001?
ISO/IEC 27001 is an information security standard for ISO and CEI systems. Part of the ISO/IEC 27000 family of standards, it is intended to certify organisations by specifying specific requirements for establishing an ISMS (information security management system), to minimise the risks of loss, theft or alteration and protect IT systems from intrusion and disaster.
What is a CISO?
The Chief Information Security Officer or CISO of an organisation (business, association or institution) is the executive responsible for ensuring the security, availability and integrity of the IT system and data.

The CISO is usually responsible for handling IT risk management for the company. They draw up action plans and recommendations for network and system security, physical security, informing users about security risks and establishing an action plan for business continuity in the event of an incident. The CISO must also help establish and implement a security policy with a focus on continuous improvement and performance assessment. Accordingly, they also oversee the creation of an ISP within the company.

Would you like to know more?

Contact us on +377 93 15 93 15 or by clicking here