An established information security and technology consultancy: enterprise security architecture, lead security project management, security awareness training and auditing with extensive experience of commissioning projects containing highly sensitive data where information confidentiality, integrity and availability of service has been of major importance.
• Certified ISMS Lead Auditor (ISO 27001)
• Certified Information Systems Security Professional. (CISSP)
• ISO 27001 Audit and ISMS Implementation requirements
• Payment Card Industry compliance
• Risk Assessment and Triage
• Vulnerability Analysis / Management
• Security Awareness Training
• Business Continuity and Disaster Recovery Planning / Implementation
• Telecommunications and Network Security
• Legal and Regulatory Compliance
Since its launch in 2009 as a secure website development company, the company has built up a strong reputation for reliability and client satisfaction when helping them become secure and comply with contractual obligations.
Other speaking engagements include chairing the information security debate for the media industry at Publishing Expo, Earls Court and presenting compliance requirements at Infolab21's cyber security conference in Lancaster.
A key focus is helping local companies demonstrate compliance with international standards to help win contracts within the supply chain - though we have also helped multinationals to achieve compliance as can be seen in the list of sectors below:
Subject Matter Expertise analysing and assessing network and application vulnerabilities in order to maintain best practice procedures for patching the required systems in the correct order and in a timely manner (triage).
This was a huge project that involved taking data from several thousand servers internationally (using McAfee Vulnerability Manager), liaising with all the different platform and remediation teams, setting targets, baselines and compiling reports for Senior Management.
The office automation processes we developed to help the teams assemble data became vital to the success of the project - vastly improving the ability monitor and report vulnerabilities and action the required remedial work. This contract required Scotland Disclosure clearance and strict adherence to PCI, Sarbanes Oxley and ITIL
• Nuclear Supply Chain.
In line with ISO 27001, we have conducted a complete risk analysis programme and formulated policies and procedures to demonstrate that Information Security is of paramount importance when handling and sanitising commercial hardware that has originated from companies holding Sensitive Nuclear Information.
All business processes, software applications and telecommunications were audited and recommendations / implementation plans drawn up to commission a secure disaster recovery site to maintain availability of data processing functions.
• Software Houses.
These have clients who are large multinationals. We have been asked to oversee the implementation of ISO 27001 to allow them demonstrate their commitment to information security to help win and maintain contracts.
• Market Research Companies.
Developing strategies and solutions to secure the sensitive commercial information of high profile clients and personal details of participants. This involves developing training plans, writing policies and procedures, assessing Data Leakage, Firewall, malware and infrastructure solutions and making recommendations.
• Publishing Houses.
We have coordinated the PCI (Payment Card Industry) compliance programme to ensure sensitive data is handled and transmitted appropriately at the Head Office and remote sites. Conducting full gap analysis, risk assessment of business processes and forming implementation plans to instil a culture of security in the company and identify requirements to aid the selection of new software applications, physical access controls and network hardware.
• Online and mail order companies
Both local and national, have benefited from our ability to devise solutions to pressing IT security problems - many requiring a complete redesign of workflow and some benefiting from targeted adjustments to existing systems in order to meet PCI requirements.
Indelible Designs Limited was founded in Aspatria, Cumbria by Tony Wilson (BSc Hons, CISSP) in 2010. The Information Security division, Indelible Data was created with the mission of ensuring the confidentiality, integrity and availability of users' personal and private information.
This is achieved through the delivery of secure websites and applications together with talks and security awareness training for everone - from hotel receptionists to IT directors of major corporations.
Tony has designed and configured secure workflows for major media enterprises in the Middle East, Far East and Europe where security is of paramount importance.