Our approach to IT auditing and security assessments is to first gain an understanding of your business, environment and security objectives. This allows us to create for your organization a key findings report about your organization and a set of specific security related recommendations.

After the process, you will have answers to some key questions:

• Is our information safe and secure?
• We know we have issues; can we have a baseline to prioritize risk?
• How do we compare to similar companies and overall best practices?
• Do we meet various IS/IT regulatory standards?
• What are some risk mitigation techniques we can implement?

While each project is different, here is what a typical scope of work includes:

• Authentication and Access Control
• Network Architecture and Segmentation
• Firewall and Router Configuration
• Patch Management & Software Bugs
• System Configuration Settings and Hardening
• Confidential Data Handling
• Physical Security
• Spyware, Malware, Anti-Virus
• High Availability and Single Point of Failure Analysis

Our security audits include: Penetration Testing Web Application Security Assessments, Internal IT Security Assessments and Social Engineering. Most of our services address various compliance issues including PCI, NIST, FFIEC, GLBA, HIPAA, etc.