Information Security

The two most important assets of any organization are the people who make it work, and the information they use to do so.  Today, both have been transformed by a revolution in Information Security.

Organizational information is embodied in the various records stored in computers.  Employees follow procedures and policies that predicate virtually every aspect of operating a business. A slew of regulations have become law, forcing massive re-engineering of information systems and re-training of personnel. Today,  governments, financial institutions, insurance companies and courts require that specific records be maintained, and further mandate the privacy and security of those records.  The cost of  precious time and money in a tight economy is enormous.

This is the Compliance challenge.

These challenging compliance requirements come at a time when threats to your critical information have never been greater (see Top 10 Threats).  The sheer intrusiveness of viruses, spam, spyware and other threats is making it almost impossible to truly know what lurks on your network.  Information security is no longer something that can be ignored or put off.  The price of failure is just too steep: federal penalties, lost clients, stockholder lawsuits, employee litigation and even criminal prosecution. ‘Best practices’ are now well recognized and widely available, so it is incumbent on executives to at least have some kind of program underway.

The is the Risk Management Challenge.

Compliance
State and Federal regulations and industry requirements (e.g. PCI) and regularly revised and updated. We strongly recommend that you consult with your organization's legal counsel to determine which of these are applicable to your organization. Once you have made this determination, we can assist you with specific vulnerability assessments tailored to your compliance requirements.

Risk Management
Once past the compliance hurdle, there are many choices to be made.  How much money for how much security?  What are Best Practices for my business? Find out more at the...

Risk Management Center

We believe the winning strategy is to leverage your investment in meeting Compliance requirements to also meet your Risk Management objectives.  

Unfortunately, Small and Medium sized businesses have become particularly at risk because they have to meet the same compliance targets as public corporations with their deep pockets and sophisticated IT resources.  Every hacker know this.  PC Magazine recently wrote, "As enterprises lock down their networks with an ever-expanding arsenal of security technologies, hackers have moved on to easier pickings—smaller businesses." 

The reason small businesses are so vulnerable is that often they think that they don't have anything worth stealing.  This misguided belief has resulted in some very expensive lessons around the country, and they are spreading at an alarming rate.

1. Employees

2. Spyware

3. Phishing

4. Disk Failures

5. Un-patched OS

6. Viruses & Worms

7. Bad backups

8. Power problems

9. IT Consultants

10. Hackers