Cyber Security

Storelink offers state-of-the-art security technologies integrated with expertise in System Integration to customize solutions to fit customers' needs. With years of experience, we are the ideal partner for physical and logical security.

Physical Security

Its general objective is to protect people and assets of the company involved in the production core process for the company. Storelink is able to respond to this need by means of design and construction of:

Access Control
using both traditional technologies:

• card,
• proximity,
• pin code, etc.

that biometric tecnologies:

• iris,
• fingerprint,
• face.

Video Surveillance Systems
using technologically advanced cameras (in wireless or wired ip technology) that also enable accurate and precise vehicular control and video surveys.

Intrusion Detection Systems
using both traditional perimeter systems:

• infrared,
• mircowave,
• sensor status.

that advanced systems:

• sensitive fiber optic fences,
• microphone,
• underground.

Logical Security

It deals with the integrity, availability and confidentiality of business information and is therefore a extremely critical component in the business prodution process; Storelink, for each of the following areas, is able to offer not only products and services but especially experience and solutions to problems.

• Network Layer
  state-of-the-art FW/IDS/IPS and SIEM systems
• Application Layer
  vulnerability assessment and penetration test
• Data Layer
  centralized backup systems and “storage based” Disaster&Recovery systems
• Layer Automation
  SCADA systems protection

Operational Security

Besides the adoption of appropriate technological measures related to the aspects outlined above, it must be defined a set of rules and procedures to regulate the organizational aspects of the same process.
Storelink supports the client to define the appearance of organization, with regard to the definition of roles, tasks and responsibilities for the management of the security process:

• Security policies: support the identification of areas of intervention and countermeasures appropriate for these areas;
• Regulations: Support the implementation of 196/2003 (privacy protection).

Consulting

Provides detailed and customized analysis of enterprise cybersecurity with threat identification and mitigation, ensuring effective protection against cyber threats.

• Cybersecurity Risk Assessment
  Provides consulting for enterprise security assessment, including analysis of policies, IT infrastructure, and networks. Identified risks, develops a mitigation plan and supports the implementation of security measures, ensuring continued protection from malicious cyber activity.
• Cybersecurity Gap Analysis
  Provides comprehensive cybersecurity analysis and improvement services, identifying gaps and developing customized remediation plans. Supports the implementation of security measures and we provide ongoing monitoring to ensure effectiveness and detect new threats.
• Static Application Security Testing
  It provides a Static Application Security Testing (SAST) service that detects and mitigates vulnerabilities in source code, provides recommendations for improving application security, and integrates the service into the software development lifecycle for continuous security monitoring.

Prevention

The Attack Prevention Service provides a comprehensive defense against emerging digital threats, protecting networks, systems, and corporate data with advanced technologies and proactive approaches.

Vulnerability Assessment
Supports companies with Vulnerability Assessment (VA) service, offering a comprehensive approach to identify, assess and mitigate vulnerabilities in systems, networks and applications.
The service involves several phases and approaches:

1. Collection of Information: Experts collect and analyze data on the network, assets and business applications, understanding network topology and critical assets.
2. Vulnerability Scanning: It uses automated scanning tools to quickly detect known vulnerabilities in devices, operating systems, services, and applications to identify areas of greatest risk.
3. Vulnerability Analysis: Analyze scan results to assess vulnerability criticality based on severity, potential impact, and likelihood of exploitation.
4. Report and Recommendations: At the end of the VA, it provides a detailed report of identified vulnerabilities with clear recommendations and priorities for correction, optimizing the efficiency of corporate corrective actions.
5. Verification Test: If necessary, verification testing is performed to ensure proper remediation of vulnerabilities and effective implementation of security measures.

ENIS

StoreLink adopts a structured methodology based on NIST's best practices.

The NIST framework consists of five main areas, each with several subcategories that can be adopted or not depending on the context in which it is implemented.

ENIS - Entreprise Intellectual Security: Solution developed to protect corporate Intellectual Property.
It allows encryption of the core business: Software, Documents, files of any format.
The use of Jenkins and the HSM (Hardware Security Module) ensures automated and secure management of all components involved in the process with the production of encrypted optical media.