Security Assessments

A security assessment is a great exercise to figure out where the deficiencies are in your organization's information security program, and then create plan to address and remediate those gaps. Key areas of focus include:

Administrative

This section focuses on the "people part" of security - primarily the policies and procedures put into place to help guide how employees deal with the organization's sensitive information.  I will help you assess the effectiveness of your existing policies, work with you to improve them as necessary, and write new policies if needed.

Physical

In this section, your organization's physical controls will be evaluated.  Some examples of these controls include:

  • Cameras
  • Door locks
  • Fences
  • Guards
  • Smart cards
  • ...and more

Technical

The technical controls review will give you a holistic view of your internal and external network from a security standpoint, and include:

  • Vulnerability scanning
     
  • Review of Active Directory policies and security configuration against Microsoft best practices
     
  • Wireless audit for proper configuration and encryption, as well as a password strength analysis