Lean Security Reviews
Finding opportunities for you to better use what you already have, so you can be more secure and save money for the projects that matter.
Becoming 100% secure is impossible. That said, it is possible to identify and resolve common problems so the average attacker is encouraged to move on to easier targets. With a Lean Security Review conducted by one of our experienced security consultants, your company will receive a personalized document that provides you with practical, smart practices to combat common and industry-specific security issues.
The review is completely free and in no way signs you up for a future engagement. If you think we can help you further … fantastic. If not, we feel happy knowing our advice may have saved you from a future security breach. The fact is we are all in this fight together. And if our free review can help you ward off attacks, we all get one step closer to winning.
Request your personalized Lean Security Review today!
Here are the six threat vectors our review explores
Network Threats are those that are commonly envisioned when thinking about information security. These threats typically come from the internet or other untrusted networks and require targeted control of your network traffic.
Web Attacks are much like network threats, but are “pulled” by your own people, rather than “pushed” by attackers. Web Threats must be accessed, typically through a web browser. Web Threats often require tricking one of your employees in order to be successful. In today’s online community, social media has become a prime target.
Malware is a short-hand term for “malicious software.” This threat is often given names like “virus,” “worm,” “Trojan,” “spyware,” “adware,” or “bot,” but the technical details distinguishing these from one another are less important than the impact they can have upon your business … which can be extreme and directly focused on your bottom line.
Application Control and Patch Management refers to how you control the growing number and versions of applications that exist on your network. Application control issues can range from simple matters like removing unneeded applications to complex matters like defining ongoing patch and version requirements for managing the software and hardware on your network.
Data Loss events are those that keep many owners awake at night. The data on your systems is typically a combination of sensitive internal information and custodial information that is being stored on behalf of your clients and customers. If control over this information is lost, competitors can gain advantages or customers can leave. In worst case scenarios, there can also be hefty fines from regulatory bodies.
Trust is necessary in all organizations. However, it can be abused. It is important to identify where your trust relationships exist and what could happen if they are taken advantage of. This allows you to define a detection and response process and minimize the cost of a breach of trust.
What You Can Expect
We first meet with you in person or via conference call for one hour. Having performed several hundred consultations, we’ve developed a set of specific questions that help us understand your company and identify possible security concerns.
Next, we analyze your interview data and identify how strong your organization’s protection is against the six threat vectors.
Finally, we provide you with a strategy document that details steps for you to take in boosting your lines of defense. Because of our vast industry-wide experience, your strategy document is packed with detailed information including possible security vulnerabilities, HIPAA and PCI compliance guidelines and specific advice on how to address potential security concerns.