No current events.

Tweets

Employees Ignore #SocialMedia Policies, Play “FarmVille” on Company Time [STUDY]: http://bit.ly/cjpWxR
RSA: Banking trojan uses #social network as command and control server http://bit.ly/9xujDi #security
http://bit.ly/cVl1mr Hospital: files with personal, medical data on 800,000 gone ->#HIPAA violation
RT @SantaRosaHealth: CMS Lightens Meaningful-Use Requirements for #EHRs http://bit.ly/bLmYtR #ARRA #HITECH
Fla stolen laptops: Its nice the know the #CCTV worked really well to watch thieves steal laptops for over 9 hours! http://bit.ly/d04PFk
Insurance Org HealthCheck

Overview

An enterprise has many potential points of weakness that an intruder can exploit to damage or steal information. Our company offers a Health Check for organizations looking to acquire Cyber Insurance. The assessment process provide a High Level risk assessment of the infrastructure, application layer, the operating system layer, the network layer that might pose security risks to the organization. From internal and external access to your organization, we will review options that are available to an attacker. We will asses points of vulnerability in the people, process, and technology aspects of your organization to reduce the possibility of an Insurance claim being made.

Solution

A security solution around an Enterprise is focused on how the systems are setup in the environment and what architectural factors can lead to a data breach. We gather data about the site both locally and remotely, conduct key personnel interviews and review the architecture and implementation structure. We can look at the application layer vulnerabilities and operating system and network layers weaknesses to gain a complete picture of where a weakness can be exploited. Automated testing tools are used in the vulnerability assessment processes for a sample set of devices. 

Insurance Industry security assessment process includes:

  1. Customer Interviews: Assessment by interviewing IT and security staff. Understand your business processes and how the business processes work at the application, operating system and network layers. Gather information about all related systems and review all policies and procedures documents.
  2. Vulnerability Assessment: Conduct automated assessment techniques to find weaknesses in a sample of devices.
  3. Security Architecture Assessment: Review the architecture of the environment for security weaknesses. Compare to best practices in policies, technology implementations and process steps.
  4. Report Generation: Deliver an Executive Summary report of all findings and solutions. These solutions can be strategic, technical or procedural.

 

How the Process Works

Our company provides a structured methodological approach to assessment. We start at the high level with interview and design reviews and get detailed with technical testing and analysis. We will be onsite for tests and interviews only, keeping expenses minimal. We will complete the following:

  • Information gathering via interview and document review
  • Data gathering through technical means with manual procedures and automated tools
  • Detailed analysis of the data gathered, testing of the environment for weaknesses
  • Delivery of a detailed summary of every issue located in an Executive Report and Technical report.
 

PCI ASV Scan

 

Contact Us: (Antispam Question- What is 1+1?)
Name
Phone
Email
Company
Interest

right_banner1

 

©2009 KRAA SecurityTM All Rights Reserved. Hospital Security | HIPAA Training | HIPAA Security | Physical Security Consulting

Resources | Privacy Link info@kraasecurity.com