Services | Security Audit
Small Business Computer System
your computer security concerns & risk tolerance?
For organizations with security
issues, known security problems –or worse, unknown security
problems the risks are too high to be ignored.
The volume of business and financial records is increasing every
year in business and they are being stored in electronic formats
more than ever before. Now securing
confidential company records and client data, as well as
providing password and encryption security is not only “nice to
have” but also an absolute necessity. Wireless connectivity adds
additional complexity and security concerns.
Federal (such as the Patriot Act and HIPPA), and State Identity
(such as the
Illinois Personal Information Protection Act)
are all increasing the liability risk for your business not
to mention your own ethical privacy standards. There is also
another fundamental reason you should be worried about your
data, simply, because without it you are out of business.
While it often seems easiest just
to fix a minor problem and move on, open security issues will
eventually lead to major business problems including:
Corrupt or Stolen Information
Inaccurate Financial Reports
Permanently Damaged or Lost
Expensive Legal Exposure
Short-term unaddressed security
issues hopefully will only cost you only money, but if allowed to
worsen possibly your business.
Audits...IT Belt & Suspenders You Can Never Know Enough About Your
An information security audit is
one of the best ways to determine the security of your company's
information without incurring the cost and other associated
business interruption damages of a real security incident.
We audit how the confidentiality, availability and integrity of
your information are assured.
Here are some key
aspects of a comprehensive security audit that you should get
answers to for your peace of mind.
passwords difficult to crack?
have access control lists (ACLs) in place on network devices
to control who has access to shared data?
have audit logs to record who is accessing data?
review your audit logs? Who is responsible for reviewing
security settings for your operating systems in accordance
with accepted industry security practices?
your unnecessary applications & computer services been
eliminated for each system?
operating systems and commercial applications patched to
Anti-virus software & hardware configurations
Review router configuration and make any appropriate
changes to secure unwanted access
Review any wireless networks and their security
settings & ports
each pc for security updates, anti-virus and spyware updates
Data Integrity & Security
backup media stored? Who has access to it? Is it up-to-date?
a disaster recovery plan? Have the participants and
stakeholders ever rehearsed the disaster recovery plan?
If using VPN,
have adequate cryptographic tools in place to govern data
encryption, and are they configured properly?
custom-built applications been written with security in
these custom applications been tested for security flaws?
How are configuration changes documented at every level? How
are these records reviewed and who conducts the review?
If you are
concerned about what you know or don't know about your computer
system and want to reduce the risk to your business then
We can make sure you
never waste your time, money or sleep
over your computer problems or security concerns ever again.
Systems Design >>>