The same can be said for having an expert Security Engineer oversee or implement your security program. Only an engineer that focuses on security can provide assurance that you are doing all that is appropriate to protect your confidential data.

Security Audit Services

The overall objective of an Information Technology (IT) Security Audit is to evaluate the controls over information technology that are in place and make recommendations for improvement. The result? Recommendations for an appropriate level of protection over confidential, proprietary, or important data. The security audit we custom design for you will incorporate your compliance requirements as well as “best security practices” for your organization. A complete security audit often combines a compliance audit with a Network Vulnerability Assessment (NVA) as described below.

Network Vulnerability Assessments (NVA)

NVAs are performed by high-level Security Engineers and Certified Information Systems Auditors (CISAs) using a proven approach and standards including those developed by the Information Security Audit & Control Association. While each NVA is custom tailored to the industry, risk level, and size of company, the following items are typically addressed:

• Network infrastructure design
• Hardware, software and other security systems
• Servers for settings that follow "best practices" regarding security
• Firewall adequacy, security settings, and related systems
• Relevant plans, policies, processes, and documentation regarding security
  • Disaster Recovery Plan
  • Business Continuity Plan
  • Security Plan
  • Acceptable Use Policy

A final report is provided that includes specific guidance on improving security with prioritized implementable recommendations. No esoteric jargon filled pages to toil through, just valuable custom recommendations for you to implement.

Security Implementation & Remediation Services

• Design & deploy secure network infrastructures for the protection of the most confidential information assets including:
  • Financial information
  • Protected Health Information
  • Government information
  • Intellectual property
• Ensure compliance with laws, regulations, and security guidance affecting your organization including:
  • NCUA
  • Gramm Leach Bliley Act
  • FTC
  • FDIC, FFIEC
  • HIPAA Security Rule
• Evaluation, guidance, & preparation of security plans
• Evaluation, guidance, & preparation of Disaster Recovery Plans