Whether evaluating a complex enterprise, a single web portal or conducting an information technology audit our expert certified consultants will reveal the flaws known to hackers and criminals and provide you with guidelines for remediation.
Enterprise Security Assessment
An ESA – Enterprise Security Assessment provides a complete end to end cyber security audit. Get the highest level of data security economically possible for you assessed risk level
Spohon provides enterprise solutions for:
- detailed inspection
- reporting of the security controls
Network Security Audit
A NSA – Network Security Audit is an Internal IT data security assessment focuses primarily on technical vulnerabilities. The NSA is an unbiased, in-depth assessment of your technical data security controls – this is what most people believe is where cyber security begins and ends.
Perimeter Security Assessment
A PSA is an External IT Data Security Assessment giving you detailed information about the state of perimeter security, the way a hacker would see it.
Firewall Data Security Reviews
Firewall security reviews are important because they identify vulnerabilities that cannot normally be detected through network penetration tests and black box network assessments. In the rush to keep your users happy sometimes things get missed, forgotten or overlooked – a mistake in this section of cyber security could be disastrous.
Social Engineering Testing
SE Pen testing is a subset of penetration testing that focuses on identifying and validating vulnerabilities associated with your employee's ability to follow documented policies and procedures and security best practices.
Data Security Compliance
Be prepared for security audits. Meet or exceed compliance and regulatory requirements of industry or government standards for data security. Spohn Consulting provides gap analysis, audits, and reports on compliance.
- NIST 800-53, FDCC
- SOX, GLBA, SAS-70
Security Policy Documentation
Formal Network or Data Security Policies are a part of most regulatory compliance audits including NERC, HIPAA, PCI and HITECH. These policies are frequently overlooked, simply inadequate or worse yet violate security best practices.
Our experts can help you evaluate or craft policies that will meet or exceed regulatory compliance for Security Training to HR Personnel to Change Management Policy.
This is one of our key strengths and core competencies. We are experts at evaluating your policies, procedures and security practices against HIPAA Security and Privacy Rules. Spohn delivers the results in a professional document package crafted by the same professional auditor that performed the scans, reviewed your policies, assessed your system configurations and interviewed your personnel.
HITECH regulations make audits necessity for all healthcare providers and their partners or BAAs – a simple letter or memorandum with no longer suffice and ignorance is no longer an option…Along with the new incentive funds came stiff penalties.
- FFIEC – Handbooks
- GLBA Act
- Board of Governors of the FRS
- Office of the Comptroller – Currency
- NCUA Administration