• Assess your risk and protect your company data from exposure, tampering and theft
  

• Meet HIPPA and Sarbanes Oxley compliance regulations

• Keep hackers from disrupting your network

Information Security Consulting Services

ICS offers world-class information security consulting services. We apply cutting-edge methodologies to resolve your most critical information security challenges. Our offerings incorporate industry standards, including Gramm, Leech, Biley, ISO 17799, and the latest HIPAA guidelines. We offer practical solutions to real world problems, customized to address the particular circumstances faced by you and your organization.

How To Secure Computer Networks

First determine what level of security you need. Then a risk assessment should be completed, the more comprehensive the better. Follow the corrective actions reported by the risk assessment. Perform penetration testing to evaluate the organizations security defenses. Repeat periodically and when business processes or technology changes.

Risk Assessments – Identify gaps and risks in computer network security
	FRAAP – 3 to 5 days, $3,995 and up*
	MSA – less than a day, $395*
	QSR – 1 hour, $120*
	MBSA - 1 hour, FREE*

Server Hardening – Configure servers to Microsoft best practices and more
	File Server – $*
	Application Server – $*
	Web/IIS Server – $*

What is a FRAAP?
A FRAAP is a Facilitated Risk Analysis and Assessment Process. It is a qualitative risk analysis and assessment process performed by our security experts. It will identify potential undesirable and/or unauthorized events (risks) that can negatively impact the integrity, confidentiality, or availability of information contained in the system. It provides you with a cost effective, non technical, enterprise wide information security risk analysis. FRAAP is a wide reaching offering that allows you to perform risk assessment and analysis on any critical area of your business.

	Deliverables:
		Threats will be identified
		Probability that a threat will occur
		Impact if the threat does occur
		Risk levels established
		Mitigating controls and safeguards identified
		Implementation action plan

What is an MSA?
A Microsoft Security Assessment is a process designed to help you gain a better understanding of your security gaps and risks. It is not a replacement for an audit/analysis by our certified security professionals.

	Deliverables:
		Threats will be identified
		Risk levels reported
		Mitigating safeguards identified
		Prioritized Action List

What is a QSR?
A Quick Security Review will recommend basic security measures to help safeguard a computer network. It is not a replacement for an audit/analysis by our certified security professionals.

	Deliverables:
		Some Basic Threats will be identified
		Mitigating safeguards identified

What is an MBSA?
A Microsoft Baseline Security Analysis is a process that we use to identify some security threats to your Windows network. It will determine the security state in accordance with Microsoft security recommendations and offers specific remediations and detect common security misconfigurations and missing security updates on your Windows computer systems. It is not comprehensive and not a replacement for a full audit/analysis by our certified security professionals.

	Deliverables:
		Some Threats will be identified
		Risk levels reported
		Recommendations for correction

What kind of Risk Assesment do I need?
If your organization:

	Requires formal documentation and policies
	Must adhere to legal requirements, Sarbanes Oxley, HIPPA, ISO 17799 etc.
	Has a fiduciary duty to stockholders
	Keeps customer credit card or financial data
	Has proprietary information, secret recipes, R&D

Then consider a FRAAP to assess the risks.

If your organization:

Wants to have a better understanding of their security gaps and risks

Then consider a MSA to assess the risks.

If your organization:

Does not meet the above requirements, does not require a security policy     and has computers

Then consider a QSR or MBSA to assess the risks.

*Prices dependant on size of organization and number of computers

Wireless Security Assessment (WSA)
Our WSA uses cutting edge technology to assess the security of your wireless network and the components in it. This provides you with a thorough evaluation of your entire wireless network, including wireless access points, encryption schemes, wireless clients, and back-end systems. We will provide your organization with a written report on the health of your wireless security, a network map outlining your current network configuration and a written policy on how to secure your wireless network.

Network Vulnerability Assessment (NVA)
The ICS NVA utilizes a top-down, bottom-up approach. The top-down component focuses upon the security culture of the corporate environment and the business drivers. In this stage, policies and procedures are evaluated and developed or refined where necessary. In the bottom-up component, the focus is on the technical side, evaluating the network and security systems to ensure the maximum protection of corporate assets.

Penetration Testing
A penetration test is a method of evaluating your organizations network and information security by subjecting it to real world attack scenarios. This analysis is carried out by our information security professional and involves active exploitation of security vulnerabilities. Results are presented to the organization in a comprehensive penetration test report. We offer internal /external network, WIFI and web penetration testing. Think your data is secure? Is that new website hackable? Let an independent third party test your security.

*Prices dependant on size of organization and number of computers