Projects

Identity & Access Management

Identity Management

ZEROPIU has an innovative approach to Identity Management projects which eliminate the (very common) dichotomy between an '"IT approach", focused on the management of roles and identities from a pure technical point of view and an "HR&Organization approach" concentrated on the identities of the business entities and their related logics of data and application access.

ZEROPIU has made and still continues to deliver many successful projects, focusing
on skills and needs of the different business areas involved, ensuring in this way a more complete and comprehensive view on roles and identities.

To achieve this level of efficiency, ZEROPIU provides high skilled consultants able to interface with all the business areas involved in the project so providing a dual approach to identity management:

  • "Bottom-up" to adapt the IT aspects of the project to the existing infrastructure, involving the company's area of reference
  • "Top-down" involving the company organizational departments in the processes of analysis, design, definition and engineering of roles

Another distinctive character of ZEROPIU approach to Identity Management projects, is the methodology of incremental roll-out, designed to gradually consolidate, avoiding a single huge roll-out, the enterprise applications involved in the process.

This approach has proven over the years a greater motivation of the involved company resources and a lower impact on the already established processes.

 

Access Management

For ZEROPIU an Access Project Management has a primary goal: the effective integration of security infrastructure and business applications. Over the years it has been developed a methodology that abandons the traditional "limiting" approach in favor of an "enabling" one able to better meet the business needs of the customer.

On the contrary of the "restrictive compromise", in which application functionalities may be reduced or offered in an unsafe mode, ZEROPIU thanks to its strong partnership with the major vendors, tailors the product on the Customers' needs, extending and customizing market-leading solutions.

All in all ZEROPIU, in its projects, ensure the quality and the certain costs of an industrial product and in the same time the effectiveness and flexibility of a solution "custom tailored".

ZEROPIU is able to address all the different technology aspects that an access management project may involve: eSSO, WSSO, Strong Authentication, Adaptive Access Management, etc.

 

Since 2003 all ZEROPIU projects have been conducted in compliance with the ISO 9001 quality standard.

Data Security

The "data" is, in the Information Society, the real value: today's most important business assets are often in electronic form, i.e. it has long been evident to everybody that most of the money is exchanged electronically.

The protection of data can therefore always be considered the ultimate goal of any IT security project. Consequently, the ZEROPIU approach to data security, can only be comprehensive and integrated in a vision including security from unauthorized access, safety data management, compliance with regulations and standards, application security, and finally the security of the data itself.

ZEROPIU develops different types of projects based on:

  • modes of delivery of the data to the applications
  • security of data traveling over the network
  • access management to data and tracking of sessions
  • management of structured data

In these projects various technologies are used : DLP, Network DLP, DB Audit, Data Vaulting, Data Masking, DB Firewall.

 

Finally, it should be noted that these aspects will have an impact on compliance and regulations to be complied with (privacy, confidentiality of clinical data, financial information, PCI).

ZEROPIU has developed several projects that, through proper management of and access to this data, help to ensure the compliance with the related standards or policies.

 

 

Since 2003 all ZEROPIU projects have been conducted in compliance with the ISO 9001 quality standard.

Application Security Audit

ZEROPIU projects in Application Security Audit field combine the benefits of the adoption of standard products with the expertise of certified professionals in software development in the security market.

In reason of its history ZEROPIU has built over the years resources able to review, on time and according to certified standards, the code of software applications that the customer intends to submit to what is commonly called Application Security Audit.

This type of project overlaps with common functional or formal revisions of a test specifically dedicated to security, aiming at identifying cycles and functional areas that may potentially expose the company's platform to vulnerabilities and "exploits" of safety.

The Application Security Audit is fundamental for all those companies that completed the development of custom solutions, intended to test the application of industrial standards, subjecting it to an established chain of tests that ensure maximum availability of the application process.

ZEROPIU completes projects that develop on different levels:

  • Access security, exploit detection that make information available to unauthorized persons;
  • Security of contents, absence of bugs in the correctness and authenticity in its treatment;
  • Operational security and continuity.

Thanks to its DNA, ZEROPIU applies professionally and efficiently a test chain of the application code. Tests are conducted using best-of-bread products and supported with the activities of its team of highly qualified professionals, entering "the merits" of the code. This approach allows to directly intervene in the removal of vulnerability or risk to the integrity of the knowledge base, protecting corporate information assets from weaknesses difficult to identify as contained in the applications themselves.

 

Since 2003 all ZEROPIU projects have been conducted in compliance with the ISO 9001 quality standard.