Skip Navigation

Ramesys - Private Sector

Security Services

Ramesys offers a wide range of security services based on industry’s best practices and products. The four tenets for information security are:


  • Confidentiality– Ensure information is only accessible to those who have authorised access
  • Integrity– Safeguard the accuracy and completeness of information and processing methods
  • Availability– Ensure that authorised users have access to information and associated assets when required
  • Audit– Conduct a formal review of the practices and processes to ensure effectiveness.

These tenets are embedded in our approach to security and form the premise of our system design, configuration and implementation. Unfortunately, threats to system security are ever changing, including internet-based attacks, Viruses and Trojan horses, and insider attacks both deliberate and accidental. That’s why Ramesys addresses security services in these key areas:

  • Perimeter Security
  • Local Area Network (LAN) Security
  • Remote Access Control
  • Content Security and Filtering
  • Host-based or Endpoint Security
  • Strong Authentication
  • Business Continuity and Disaster Recovery.

Perimeter Security

The days of a basic firewall blocking specific traffic from the internet have passed, and complex access rules and checking are now required. The newer types of firewalls not only check the type of traffic, they also inspect its content to ensure it conforms to the appropriate standards. The increased mobility of users has also added the need to allow more services through the perimeter security devices while maintaining internal security and control.

The following perimeter services are available through

  • Firewall Installation and Configuration
  • Firewall Management and Monitoring
  • Existing Security Reviews
  • Penetration Testing.

Local Area Network (LAN) Security

User privileges and data access can be restricted to minimum levels required for a user to complete their required tasks. Access to local PC resources can be restricted or removed where required, to protect the integrity and the legality of the software running on a device.

Ramesys offers a full LAN security audit and documentation


Remote Access Control

The ability for users to access business information securely from anywhere has become a major factor for many companies over recent years, especially since the availability of cost effective broadband access. To provide these services over the internet, the information needs to be secured using cryptography and we offer the following services:

  • IPSec VPNs
  • SSL VPNs.

Content Security and Filtering

Every day new threats such as Viruses, Worms, Trojans, Phishing attacks and Spyware programs cause financial loss to companies through system damage, loss of confidential information and loss of productivity.

Breaches of security, or use of inappropriate content may also take place within the company.

A web content server can check for viruses, known Phishing sites and inappropriate content. The content filtering of emails completes similar checks but can also provide spam protection, reducing unwanted or malicious emails. Email content checking can be local or a hosted solution.


Host-based or Endpoint Security

Host-based security can be relevant to all internal systems including user machines, while some components – such as Antivirus and Intrusion Prevention Systems – may only need to be deployed on Business Critical Servers.

Intrusion Prevention Systems look for unexpected behaviour and prevent malicious applications from changing registry and system settings, protecting the device from attack.


Strong Authentication

Two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator)– providing a much more reliable level of user authentication than reusable passwords. Users only have to remember a 4-digit pin number which they enter followed by the code from their authenticator – a password that changes every 60 seconds.

Two-factor authentication can be implemented on some or all of a company’s systems, and can significantly reduce password management for IT teams.


Business Continuity and Disaster Recovery

Business continuity planning, together with disaster recovery, provides organisations with the processes to recover or restore business operations after a disaster strikes.

Business continuity planning is concerned with keeping businesses operational, whilst disaster recovery is concerned with restoring normal operations. With these definitions in mind, a risk assessment strategy is the starting point for any business.

When systems and processes have been prioritised by maximum tolerable downtime, procedures can then be put into place to facilitate the continued business operations.

These can include some or all of the following:

  • Clustering and High Availability
  • Real-time data replication
  • Data back-up.

Information Security Management System

The ISO 27001 has been prepared to provide a model for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an Information Security Management System (BS ISO/IEC 27001:2005).

The standard is a management standard and not an information technology standard; it adopts a process based approach and uses information security best practices. Certification to the international standard can be used to assess conformance by interested internal and external parties.

The standard is based on a risk methodology and gives a business, its partners and customers confidence that appropriate measures have been taken to protect the information the business holds. The audit requirement ensures that the information Security System is regularly reviewed so that it remains relevant to changing business requirements

To discuss your requirements in more detail, call 0115 971 2070 or e-mail security.services@ramesys.com.