Network security is ever changing with new threats found everyday. Let us optimize and protect the most critical part of your business. We do the research to stay ahead of threats so you don't have to.
The first phase is an assessment of your physical security, your virtual security and the adequacy of your company’s security policies and procedures. The assessment answers the questions, “Are we living up to our security framework? And if not, what needs to change?”
A security assessment needs to be done every year (or perhaps more often) because the risks are always changing and because people get complacent.
To begin the remediation phase, we’ll make a basic plan for neutralizing the risks that were uncovered in the assessment. (And risks are always uncovered.)
We’ll discuss the remediation plan with your Security Officer, and you’ll need to decide who will tackle each remediation task. If your internal team has the time and expertise, they can do it all. If not, we can do it all or we can collaborate with your people and divide up the tasks. In any case, we can serve as your project manager to make sure the work gets done right.
Remember that remediation isn’t just fixing the technology; you need to get the business practices right, too — security awareness training, procedures for on-boarding and terminating, checks and balances to make sure your people are walking the walk, and many others.
Monitoring is needed because security is a moving target. What kept you safe last month, may not work this month.
Different companies need different levels of security monitoring. The most basic level would be to refresh the security assessment each year. Beyond that, you might need to add more advanced firewalls, security monitoring systems, login systems, intrusion prevention systems or other proactive scanning systems. If your organization is subject to compliance rules like HIPAA or PCI, or you hold very sensitive data, you may need to outsource monitoring to a Security Operations Center (SOC) with full-time security people who have more training than most IT people.
We can set up any level of monitoring for you, from basic to maximum. And we can connect you with top-level SOC’s and manage their service to you.