The Technology Group, LLC is pleased to offer a NO-COST Security Review and Evaluation to qualified Non-Profit Organizations, Medical Firms, and Financial Institutions in the CT, NY, MA and RI area.
The value of an independent, objective evaluation of security over private data cannot be underestimated. With a hypersensitive public that expects their information to be kept private, firms have an increasingly more demanding job keeping up with security let alone technology.
The same can be said for having an expert Security Engineer oversee or implement your security program. Only an engineer that focuses on security can provide assurance that you are doing all that is appropriate to protect your confidential data.
Whether your organization faces a security mandate such as those promulgated by HIPAA, FDIC, NCUA, or other regulatory force, we are ready to help you achieve compliance!
Security Audit Services
The overall objective of an Information Technology (IT) Security Audit is to evaluate the controls over information technology that are in place and make recommendations for improvement. The result? Recommendations for an appropriate level of protection over confidential, proprietary, or important data. The security audit we custom design for you will incorporate your compliance requirements as well as “best security practices” for your organization. A complete security audit often combines a compliance audit with a Network Vulnerability Assessment (NVA) as described below.
Network Vulnerability Assessments (NVA)
NVAs are performed by high-level Security Engineers and Certified Information Systems Auditors (CISAs) using a proven approach and standards including those developed by the Information Security Audit & Control Association. While each NVA is custom tailored to the industry, risk level, and size of company, the following items are typically addressed:
Network infrastructure design
Hardware, software and other security systems
Servers for settings that follow "best practices" regarding security
Firewall adequacy, security settings, and related systems
Relevant plans, policies, processes, and documentation regarding security
Disaster Recovery Plan
Business Continuity Plan
Security Plan
Acceptable Use Policy
A final report is provided that includes specific guidance on improving security with prioritized implementable recommendations. No esoteric jargon filled pages to toil through, just valuable custom recommendations for you to implement.
Security Implementation & Remediation Services
Design & deploy secure network infrastructures for the protection of the most confidential information assets including:
Financial information
Protected Health Information
Government information
Intellectual property
Ensure compliance with laws, regulations, and security guidance affecting your organization including:
NCUA
Gramm Leach Bliley Act
FTC
FDIC, FFIEC
HIPAA Security Rule
Evaluation, guidance, & preparation of security plans
Evaluation, guidance, & preparation of Disaster Recovery Plans
