Security Assessments
Security Assessments identify vulnerabilities and improve security for your data, networks, systems and facilities. Whether assessing a complex enterprise or a single web portal, our expert consultants will reveal the flaws known to hackers and criminals and provide you with guidelines for remediation.
- Enterprise Security Assessment (ESA) - An ESA provides a complete enterprise solution for detailed inspection, analysis, and reporting of the security controls across your organization.
- Network Security Assessment (NSA) – A NSA is a span of security controls best practices focusing primarily on technical vulnerabilities. The NSA is an unbiased, in-depth assessment of your technical security controls.
- Perimeter Security Assessment (PSA) – A PSA gives you detailed information about the state of perimeter security, the way a hacker would see it.
Information security is important to us, and we’ve invested a lot of time researching how to provide you the best information security services. Our finished product is not the output of some tool, but rather an analysis of data from many tools and procedures written up in easily understandable English, able to be turned quickly into action items. Think of us as your partner in information security, we’re not just another network security company running cookie cutter tools you could download and run yourself.
Security Compliance
Be prepared for audits. Meet the compliance requirements of industry and government standards. Spohn consulting provides gap analyses and reports on compliance, with expertise in the Information Technology security standards applicable to your organization and business.
- PCI Data Security Standard (DSS)
- HIPAA
- NIST 800-53, FDCC
- ISO27001, 27002 (formerly ISO 17799)
- SOX, GLBA, SAS-70
Disaster Preparedness
Business Continuity & Disaster Recovery Planning
Spohn’s Business Continuity and Disaster Recovery (BCDR) planning service helps you restore critical functions and preserve digital assets in the case of a disaster event. BCDR planning is a necessary part of risk management, measuring the probability of what could occur, the likeliness that it will occur, the impact to your organization if a disaster should occur, and determining what action to take if the organization is faced with an emergency situation. Comprehensive BCDR plans provide your organization with faster response times and greater protection.
Spohn is a BCDR subject matter and industry expert, working with businesses to develop, write, or improve BCDR plans as part of their risk management framework. Our consultants prepare a plan specifically for your business by performing an objective end-to-end examination of systems and operations, executing a Business Impact Analysis, and providing you with a list of your business essential, business critical and mission critical applications with recommendations on how to develop the quickest recovery time. Our expertise in network security will help identify the greatest threats to your business and the most cost effective course of action for response.
BCDR planning provides the following benefits:
- Ensure the fastest response and recovery time to business threats such as fire, loss of power, flood or other common threats.
- Identify your most critical systems and prioritize system needs, giving you the least amount of downtime.
- Identify any gaps in your current recovery strategy and cost effective means to mitigate the risks.
- Identify when it is appropriate to enact your BCDR plan.
- Meet regulatory requirements for BCDR planning
- Increase shareholder confidence in your business by preparing for threats.
