Request an evaluation about the appropriate scoring that you should ask to your ICT provider
As a user of ICT services and in particular cloud service, you may wonder what the appropriate level for your needs is.
We can trend to require the maximum, ie A+ A+ A+, but it will usually become inadequate, due to excessive security measures that would impose the use of the service, in addition to implementing them would certainly cause an unnecessary increase on its price.
We must also be aware of the different needs in three dimensions. For example, to guard the formula for Coca-Cola®, it will be necessary to have an A+ on Confidentiality and Integrity, but since access to this formula probably will not be required 24 hours a day, the level of availability can be much more flexible.
Since our controls incorporate national and international regulations, we can establish a series of equivalences that provide visibility to the LEET levels. As examples:
Nivel C – Implements security measures for treatment of personal data of BASIC level
Nivel B – Implements security measures for MEDIUM level
Nivel A – Implements security measures for HIGH level, as well as the PCI-DSS controls
Nivel C – Similar requirements to those established by TIA-942 Tier 2
Nivel B – Similar requirements to those established by TIA-942 Tier 3
Nivel A+ – Similar requirements to those established by TIA-942 Tier 4
However, because each company has specific needs and should meet very different requirements, regulations and laws, there may be doubts about the level of qualification that best suits your needs.
For those who wish to use our scheme, LEET Security offers personalized advice, so they can understand the levels and security qualification criteria, and can determine which rating is more suitable for the ICT services they want to hire.
Do not hesitate to contact us and we will help you identify for free the qualification to ask your provider.