Security Analysis and Planning
First and foremost, EVERY business is unique. We get that. Depending on your needs, your budget, and our recommendations, we create a plan that works for you, your industry, and your team. We make sure everyone is on the same page as far as expectations and requirements. To develop a good relationship together, we make it a point to spend time with you and your people, trying to understand your business, your goals, and your concerns. We truly consider you a partner and not just another paycheck, and we will prove it.
Only then do we do an extensive, comprehensive site audit, using a proprietary ‘Network Detective’. After generating customized reports, we go through each item, explaining the issues that exist and the recommended ways to remediate them. We email you a copy of the report for your records, along with a follow-up report when the issues are addressed.
Different businesses have different needs and different compliance requirements. These can range from creating a security strategy to full-blown monitoring, archiving, and log file analysis. We provide compliance programs for the most popular compliance standards and regulations:
- Payment Card Industry Data Security Standard (PCI DSS) – ANY company that takes credit cards needs to abide by these regulations.
- Sarbanes-Oxley (SOX) – Any accounting firm or other third party that provides financial services. Formal penalties for non-compliance with SOX can include fines, removal from listings on public stock exchanges, and invalidation of D&O insurance policies. Under the Act, CEOs and CFOs who willfully submit an incorrect certification to a SOX compliance audit can face fines of $5 million and up to 20 years in jail.
- HIPAA/HITECH – EVERY healthcare company – including homeopaths, chiropractors, acupuncturists, etc. – needs to ensure the security of its patients’ ‘Personally Identifiable Information’ (PII) AND Personal Health Information (PHI).
- The Gramm-Leach-Bliley Act (GLBA), or the Financial Services Modernization Act – Whether or not a financial institution discloses nonpublic information, there must be a policy in place to protect the information from foreseeable threats to security and data integrity.
- The Federal Information Security Management Act (FISMA) – requires Federal agencies to develop, document, and implement an information security program to safeguard their systems and data.
We can work to create a comprehensive program, regardless of your needs.
Training
Even if we were able to fix every problem, your network is a dynamic system, changing every day. Your team needs to be aware of security issues and how to address them in your daily business. We explain security in simple, easy-to-understand ways and answer any questions you or your people may have. We demonstrate the hardware and software solutions that you elect to implement. We work to get employee buy-in, so that everyone is on the same page and our efforts are successful together. And, as always, we provide contact information for our Partner Support Team.