As part of FPA's continuing commitment to the proactive management, support, and security of our clients' network infrastructure, we provide a detailed and thorough Technology Security Assessment through our comprehensive Technology Security Review Project.
One of the major challenges in maintaining a strong and secure technology infrastructure on an ongoing basis is the constantly changing landscape made up of the threats one must guard against. In addition to intrusions such as intended hacks - malware, ransomware, and phishing have been employed for some time now and remain a significant threat to the security of your information. In addition, many new forms of attacks are springing up every other day. With the ever increasing interdependence we now find ourselves in, this “always on” connectivity (with our constant reliance on email, the internet, the “cloud”, remote connectivity, and wireless), businesses are finding it harder and harder to keep up with ensuring their technology, and ultimately the data they’re responsible for, is secure.
Our process for effectively addressing the security of a business’ information technology is based on the following three phased approach:
- Security Assessment (Risk Assessment)
- Report Prep and Review Meeting (Gap Analysis)
- Securing and Addressing the Gaps (Remediation)
While securing information technology is as much an art as it is a science, it is also a constantly moving target. The over-arching and appropriate approach to security is to provide insight into the current status of risk, then reducing that risk by improving security measures where needed, and then by providing an ongoing methodology for a continuous review process.
Our TSRP incorporates the first two phases as noted above while the third phase, Securing and Addressing the Gaps (ie: Remediation), is the resulting action items from the project.
1. Security Assessment (Risk Assessment)
Performing a well-rounded information technology security assessment requires a multi-faceted approach evaluating (at the highest level) 3 key areas: policies, processes, and systems. To this end, our approach to an information technology security assessment can be broken down into the following assessment phases:
- Security Compliance Assessment
- Network Security Assessment
- Network Penetration Test
- Wireless-WLAN Security Assessment
- Remote Access Assessment
- Physical Risk Assessment
While all six phases are often required to ensure a thorough and exhaustive evaluation, not all organizations have the need for all six nor can they justify the evaluated ROI against the potential risk to perform each. Our tiered level approach to a security assessment allows us working with you to define the security assessment engagement specifically needed to meet your organization’s unique requirements.
2. Report Prep and Review Meeting (Gap Analysis)
In addition to reviewing and documenting your policies and procedures, technology infrastructure, and vulnerability test results, one of the key outcomes of the TSRP is to bring to light the level of information technology security as compared to industry standard requirements. The end result of our Security Assessment phase is reviewing all documentation gathered, analyzing the results, comparing them against industry standards, and providing the results in a meaningful report.
At the conclusion of the initial security assessment phase of the Technology Security Review Project, we will meet with you to deliver and review our findings, prioritize the action items (as to whether they are immediate or can be addressed over time), and discuss any recommended courses of action along with any related costs to address the issues.
FPA provides real, tangible, and meaningful results of this analysis in the form of detailed hard copy reports documenting all your organization's IT systems including:
- Our Technology Security Review Report which provides a granual breakdown of all of our findings as well as detailed recommendations for remediating issues needing to be addressed
- Supporting Reports such as our Client Risk Report, Security Risk Report, and Endpoint Risk Report
- Security Policies and Procedures Notebook including Computer Security Policy, Third-Party Security Policy, etc.
For more information about our Technology Security Assessment Services or to learn more about our other technology ervices, please contact us at firstname.lastname@example.org. Or feel free to call us at 818-501-3390.