From CFR Title 12 Part 30, 208, 364, 748, and 1016 (i.e. GLBA) to CFR Title 45 Part 164 (i.e. HIPAA) to PCI DSS Version 3.0 to SOC 2 Type 1 and 2, our audits can be tailored to fit your needs - engagements can address one, or all, of the above regulations / standards.
You may be compliant, but are you secure? We take a technical deep dive into your IT infrastructure, assessing the availability, confidentiality, and integrity of systems and information.
We use Nessus, "The Most Widely Deployed Vulnerability Scanner in the World." We conduct both external and internal assessments, and all of our assessments evaluate PCI DSS V3.0 compliance.
DR PLANNING & TESTING
Social engineering (spear phishing), password cracking, traffic sniffing, and SQL injection / cross-site scripting are just a few of the penetration testing techniques we are proficient in.
We can evaluate, or develop, your risk assessment plan. Policies and procedures are provided at no additional charge. Controls, residual risk, and plan-of-action are evaluated for efficacy and accuracy.
Can you guarantee timely availability of all resources (systems and non-systems) necessary to operate critical business processes at an acceptable level? We can evaluate, develop, or test your disaster recovery plan.
GLBA, HIPAA, and PCI
Trust Service Principles - Security, Availability, Confidentiality, Integrity, and Privacy
Disaster Recovery and Incident Response
Search Engine Optimization and Marketing
Network and System Design, Operation and Administration
Social Media (Facebook, Twitter, YouTube)
Web Site Hosting Design, Operation and Administration
Telecommunications Design, Operation and Administration