Our focus is to provide you, our client, with a full array of security services. We offer:
  • Policy Reviews
  • Risk Assessments
  • Security Implementation
  • Social Engineering Awareness
  • Security Audits
  • Risk Audits
  • Social Engineering Tests
  • Compliance Audits
  • Vulnerability Assessments

Our goal is to help you succeed and rise above the security challenges faced today. We will gladly guide and walk you through the maze of compliance requirements. You do not want to see your name associated with headlines such as those listed below, and neither do we:

    • 11,500 credit card numbers on hacked server

    • Names and Social Security numbers of 80,000 customers on stolen laptop
    • Medical information found in dumpster, medical records breached
    • 3,000 PHI records accessed through compromised account

    This does not bode well for anybody. Why let it be you?


    Allow our industry-certified professional security consultants to sit down with you and discuss your current security problems, plans and issues. Let us help you improve your security, your ROI and, more importantly, your customers' confidence in you.

    With the ever pervasive nature of computing, especially the Internet, security (often the lack thereof) is becoming more and more an absolute necessity, not just for business, but for simple survival.

    As a business, how much personal, confidential, classified or vital information does your company hold, and are you aware of ALL the places where that information resides?

    Perhaps in printouts, in drawers, on hard drives. Maybe on backup tapes, or at your remote storage site, or alternate hot-site. Perhaps even on your employees' laptops, PDAs or the PCs they use at home so they can work late. Your data lies in many places, often in different versions or states of completeness.

    Ever stop to think what would happen should that information come up missing or, worse, be used against you? This is a reality that we are faced with all too often.

    (Take a look at http://www.attrition.org/dataloss/; they hold the statistics of the current US breaches that have taken place.)


    Business relies and survives on the information that it has in its possession. Historically, security is always the last item to be addressed and the first item to be dropped. Now businesses are paying the price. To ensure owners stay focused, federal legislation has been introduced (with more on the way) to see to it that businesses become a trusted source and that they are doing their best to protect what is theirs, but MORE importantly, what has been entrusted to them by their clients and customers.

    Business is no longer conducted in the small city block from a physical location during the hours of 9 to 5. Business is now conducted internationally 24 hours a day, 7 days a week, 365 days a year. Business partners, be they clients, suppliers, distributors or even staff, can be located anywhere around the world. Even though IT has revolutionized the business world, it has at the same time caused problems that were not a major dilemma until now. For instance, think about your security. You lock up at night. You have security guards or even CCTV. But what about your IT security? Are you safe from the disgruntled employee or, worse, the malicious hacker based on another continent?



    Related Links

    http://www.isaca.org/

    http://www.issa.org/

    http://www.sarbanes-oxley.com/

    http://isaca.org/cobit/

    http://www.cert.org/

    http://attrition.org/dataloss/

    http://www.securityfocus.org

     

    Threat vs. Compliance

    Threat

    • Virus
    • Trojans
    • Worms
    • Buffer Overflows
    • Hackers
    • Identity Theft
    • Social Engineering
    • ...
    • ...
    • and on.

    Compliance

    • SOX (Sarbanes-Oxley Act)
    • HIPAA
    • SAS 70
    • GLBA
    • PCI
    • IT Governance
    • Policies and Controls
    • ...
    • ...
    • and on.

    ISSCP does not view compliance as an evil, but unfortunately many people do.
    For CIOs it's a pain to deal with,
    For CFOs it's an expense eating away profits,
    For CEOs it's the nightmare that keeps them awake.
    Yet, like it or not, compliance is a necessary evil. We would do well to find the positive and see compliance as a gem of benefit:
    For CIOs it's a tool to justify IT expenditure and prove ROI,
    For CFOs it's a quality standard that attracts investment and confidence,
    For CEOs it's the controls that assume all is well.

    Let's face it, without rules or guidelines things would quickly turn to chaos. Yet we develop and learn from Chaos, so out of Chaos comes order.

    "Chaos is the enemy of Order but the enemy of Chaos is also the enemy of Order" Norman Spinrad

    All business is based on trust. Without trust, business cannot survive. Ask yourself, "Am I as concerned with the client's personal data entrusted to me in order to do business as I am with my own business trade secrets and business practices?"