 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Secure IT Experts will work with you to protect the confidentiality, integrity, and availability of your information from cradle to grave. Our goal is to help you Protect your information assets, Detect intrusions, penetrations and attempts to access this data, and React to any incidents which may occur. In this regard, our services are geared toward assisting you to comply with your unique regulatory environment.
PROTECT
Secure IT Experts provide you with a variety of services designed to protect your information assets. These include Information Assurance strategic consulting services which include – information security policy planning and development to assess the risks of new business ventures, IT strategies, software or hardware deployments or configurations, document retention and destruction policies, archiving and data backup and secure code review.
We will also scan and test your environment, and provide secure penetration testing services, port scanning, internal and external (DMZ) scanning to test the configuration of your networks, web sites and the status of your intrusion detection/intrusion prevention and incident response services.
Working with partners, we develop specialized threat assessments aimed at your unique environment. We also offer global intelligence services to protect your brand, your reputation, and your information.
| (Click on Link for a PDF Service Sheet.) | Brief Description of Service Offering. | More Information? | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| SecureITExperts | "Secure IT Experts understand information security program…..not as a piecemeal technology fix" "We are agnostic regarding technology...we will provide the solution that is best for you and your organization". | If this Service is of interest to you and you would like more information on Secure IT Experts, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| CloudComputingServices | When an organization migrates to the cloud, it shares a computing resource with all of the other users of that cloud. Applications are no longer "owned" but "leased." New versions migrate online almost instantaneously. Many of the traditional "layers" of security disappear in the cloud. | If this Service is of interest to you and you would like more information on Secure IT Experts, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| EthicalPenetrationServices | All companies have valuable information and technology that is critical to the un-interrupted operation of the business. Security is not in-expensive. But, what is the cost of interruptions to your organization? Is your organization vulnerable? The only way to find out is to have external unbiased third parties assess the risk. Today with the evolution of technology, comes the evolution of threat. Why not let us help? | If this Service is of interest to you and you would like more information on Secure IT Experts, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| Assessments | Having an unbiased “Third Party” assessment of your entire technical enterprise and risk mitigation capabilities is imperative to the well being of your enterprise. Or, are you content taking the word of your employees, that “everything is fine” | If this Service is of interest to you and you would like more information on our Assessment capability, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| SecurityBenchmarks | Do you have a compliance requirement? * Local ? * State ? * Federal ? * Corporate ? Do you answer to the Board of Directors? Stock Holders? Private Investors? How does your security posture compare to your competitors? | If this Service is of interest to you and you would like more information on Security Benchmarking, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| HIPAA | “Any organization that provides data transmission of PHI must enter into a HIPAA-compliant business associate agreement. This applies to “any vendor that contracts with a covered entity to allow that covered entity to offer a personal health record to patients as part of its electronic health record.” | If this Service is of interest to you and you would like more information on HIPAA, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| PCI | Millions of credit cards have been exposed through a series of serious incidents that have occurred in recent years. They include: *Hannaford Brothers lost 4.2 million credit cards. *Heartland lost 100 thousand cards in 2009. | If this Service is of interest to you and you would like more information on PCI, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| RedFlag | FTC and SEC Red Flag Rules Enforcement in Effect Aug 1, 2009 *Applies to Financial Institutions and Creditors *Written Program to Identify “Red Flags” for ID Theft and ID Fraud and Mitigate Them. *Additional Liability to Covered Entities. | If this Service is of interest to you and you would like more information on Red Flag, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| Policy | ""Information Security policy is not only important for your employees and vendors to understand, its proper creation and delivery can be a requirement in audits, legal compliance and in some cases business partnerships" | If this Service is of interest to you and you would like more information on Policy, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| Risk Management | “Many organizations attempt to reduce risk only by implementing physical defenses like weather barriers or fire suppression. True risk management is all this, but is also creating an environment that takes control of the situation and uses good planning to create increased value and real benefit. ” | If this Service is of interest to you and you would like more information on Risk Management, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
| State. Privacy Law | *Create a written policy for guiding compliance. *Conduct appropriate employee training and designate a Data Security Coordinator *Implement technology controls to protect electronic records *Respond quickly and appropriately when a privacy breach is suspected | If this Service is of interest to you and you would like more information on State Privacy Laws, Please click here. | ||
| ---------------------------- | -- | -------------------- | -- | --------------- |
Regulatory Compliance and Assurance Services.
Our unique experience in the areas of regulatory compliance and assurance means that we can work with your IT, legal, compliance, audit and security staff to develop a comprehensive information assurance program that meets or exceeds your current or anticipated regulatory requirements. Moreover, we can map your existing IT security practices against a host of domestic or international security and privacy regulations, perform a gap-analysis, document the areas in which you are or are not compliant and develop and implement a strategy for becoming compliant.
Risk Reduction and Insurance Mitigation.
One of the reasons for data protection is to decrease security and potential liability costs to your enterprise. The Secure IT Experts offer world-class experts in risk reduction, security and risk mitigation to help you mitigate the threats to your ongoing business operations and reduce the risk of exploitation.
Incident Response Services.
- Incident Response Policy Development and Review – working with your IT, HR, legal and security staff to develop and test incident response services.
- Crisis Communications, Planning and Deployment – protecting your corporate brand and reputation in the event of an information security breach or incident.
- Table-Top Training and Exercises to ensure that incident response capabilities are appropriate to your needs.
- Forensic Data Recovery and Investigation. Collecting data about potential incidents in a forensically sound manner to ensure the usability of data after the incident.
- Law Enforcement and Regulatory Coordination. Coordinating your responses where appropriate with relevant federal, state, local or international law enforcement or regulatory agencies to best protect your assets and reputation. We will work with your counsel to ensure compliance with all relevant data breach notification laws, regulations and procedures.
Disaster Recovery and Business Continuation Planning.
Comprehensive DR/BCP consulting and testing services including hot and warm site evaluation, data backup and retention review, training and awareness and regulatory compliance.
Training and Awareness Services.
Working with partners to develop comprehensive automated or in-person IT security and awareness training appropriate to various levels of your organization, from the executive level to the IT and security staff level and on to the end-user security training.
