Diagnosis

Step 1 - Determine Needs

This was a busy year for hackers. A billion Yahoo accounts were compromised; an unsecured email server containing classified documents was discovered;  state sponsored  Russians were accused of muscling in on the US election, and ransom ware has been at an all-time high. The inability of corporations to protect themselves has caused many corporations to incur heavy financial loss, breaches of privacy, and downtime of business operations. These cyber risks are generated from hackers, malicious software, disgruntled employees, competitors, and terrorist. Security is now a major concern for corporations. Security outweighed other information technology concerns by a factor of three.  Security budgets have increased between 10% and 28% in the last 5 years. And still today the majority of  corporate executives are unsure about the effectiveness of their security programs. Our internal survey determined 35% of all employees felt their information technology security programs were inadequate.

This has certainly led to a more concerned awareness of the information security risks.

In order to solve this problem, we have put together and developed a procedure utilizing a set of software base agents that can scan each device on a network and collects data related to a specific list of security concerns. We currently have a standard non-security needs assessment and 3 highly focused security assessments.

Standard Needs Assessment
Onsite Survey, Interview, No Cost Review of Problem/Addition/Upgrade and recommended next course of action

Security Risk Assessment
Onsite Survey, Interview, Checklists, Elaborate Scan, Physical Collection of Evidence, Detailed Report, Onsite Discussion of Findings & Necessary Remediation

HIPAA Security Risk Assessment
Everything from our security report plus evaluation of each HIPAA rule including rule number and recommended remediation

PCI Compliance Assessment
Everything from our security report plus an evaluation of data security requirements when storing merchant accounts and personal credit card information

Each Assessment begins with an onsite survey and interview. We can then deploy our non-invasive probe to your domain controller and it will send out an agent to each workstation on your network. Once deployed the agent will conduct a scan that thoroughly evaluates each security concern on each machine. The findings from each agent are then sent back to the probe where date is copied on to a usb stick and safely transport it to our technical team.  Our team then evaluates the findings and produces a comprehensive report detailing each security concern and, if applicable, each associate rule. In the final step, we will schedule a meeting to discuss the security risk assessment and what steps are necessary to correct and any problems that may exist.