What We Do

---

No one likes writing policies. Let us do it for you. We will draft policies based on your needs. Policies for Information Security, Teleworking, BYOD, Privacy, Incident Response, ISMS, Compliance, and more.

Have you been operating off of "tribal knowledge" only? Need your processes documented or do you need new procedures built? We will evaluate your processes as they exist today and document everything you are (or should be) doing. Procedures for incident response, access control, physical security, Secure Development Lifecycle, etc.

Having trouble mapping our network boundaries and dataflows? Seeing the full picture of your network and dataflows is vital to properly securing your business. 

No one is perfect, and the same can be said for businesses. We will help you identify what you are doing well, and where you can improve. We will provide a detailed assessment of your business against industry standards and help you identify solutions. 

If you have industry standards or regulations to adhere to, you need to know where you stand. We will perform detailed compliance assessments based on your specific needs, and help you obtain or maintain compliance. SOC 2, NIST, ISO/IEC, SOX, HIPAA, FCRA, HECVAT, CIS, PCI-DSS, etc.

Vulnerabilities can be an overwhelming hurdle, especially when you don't know they are there... We will take a deep dive into your network and systems to find any areas of concern. Assessments include access control audits, hardware and software vulnerabilities scans, secure configuration validations, etc.

Suppliers pose arguably the greatest threat to businesses. We will assess your third-parties for risk and report back to you. Includes security reviews and risk assessments for current and new suppliers. 

You have a project that you need expert advice on. Let's do it.

Want to start from scratch or enhance an existing security program? You tell us what you need and we'll guide you through every step.

Long-term need for security knowledge and expertise? If you need someone to fill out those tedious RFP's and security questionnaires, or act as your dedicated security contact, then we'll be there for you.