Vulnerability Scanning and Management

Vulnerability Scanning includes deployment of a NERC, PCI, FISMA, or HIPAA/HITECH compliant vulnerability scanning engine inside the client network. The engine discovers all visible IP addresses and scans them on an ongoing basis for newly published vulnerabilities in standard commercial operating systems, applications, databases and network devices. Scanning should generally occur every 30 days on all managed devices, and on newly deployed devices during the deployment/development life-cycle. After a short test period, the process is expanded to credentialed scanning, in which the engine logs into systems, applications, databases, and network devices automatically. The length of that test period depends on the complexity of the client’s network, the number of systems being scanned and the phasing of new deployments. Finally, monthly vulnerability and remediation reports are generated and distributed on a need-to-know basis, by scope, or by any other client-determined variable.

Vulnerability Management builds on Vulnerability Scanning and reports the exploit and remediation data it discovers. At the technical levels of a client organization, remediation reporting is delivered by automatically generating “tickets” for specific technologists in the client’s workflow product; other metrics at this level can be chosen by the client. At higher levels of the organization, reporting is intended to show the highest-yielding employees, where technical education may be needed, or any other client-determined metric.


3rd Party Vendor HIPAA Compliance

Client vendor audits and compliance reporting consist of assessing the risk posture of a 3rd party vendor prior to and during the deployment phase of a project. This deliverable includes acting as the client’s advocate and intermediary to the vendor. As with the Vulnerability Management service offering, tracking of remediation efforts and reporting of accepted risk are included.

Security Baseline Audits and Plans

Assessments and Audits are based on standard audit techniques to determine an organization’s baseline as it relates to a pre-determined standard. An audit can be performed solely on Information Technology assets or on all aspects of a client’s organization. All audit findings are then sorted by highest risk and least remediation investment, and remediation efforts generate “tickets” in the client’s workflow tracking product. Finally, true Risk Reporting is achieved when auditing, remediation, information security incident data and reporting are performed cyclically.
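The prioritization rule described for both the Vulnerability Management and the Security Baseline Audit offerings (sort by highest risk, then by least remediation investment, then open a ticket per finding) and the 30-day rescan cadence are easy to get wrong when done by hand in a spreadsheet. The following is an added illustration, not code from Clinical Security or from any scanning product. The finding records, scan dates, team names and ticket numbering scheme are all constructed for the example; a real deployment would read findings from the scanner’s export and push tickets through the client’s workflow product API.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Cadence stated in the service description: every managed device is rescanned
# at least every 30 days.
RESCAN_INTERVAL_DAYS = 30


@dataclass(frozen=True)
class Finding:
    host: str
    title: str
    risk: float          # CVSS-style base score, 0.0-10.0, higher is worse
    effort_hours: float  # estimated remediation investment (hypothetical field)
    owner: str           # team that receives the ticket (hypothetical field)


def severity_label(risk: float) -> str:
    """Map a numeric score onto the buckets used in the monthly report."""
    if risk >= 9.0:
        return "critical"
    if risk >= 7.0:
        return "high"
    if risk >= 4.0:
        return "medium"
    return "low"


def prioritize(findings: list[Finding]) -> list[Finding]:
    """Highest risk first; among equal risk, the cheapest fix first."""
    return sorted(findings, key=lambda f: (-f.risk, f.effort_hours))


def make_tickets(findings: list[Finding]) -> list[dict]:
    """One ticket per finding, numbered in priority order so the queue
    a technologist sees is already the remediation order."""
    tickets = []
    for n, f in enumerate(prioritize(findings), start=1):
        tickets.append({
            "id": f"VM-{n:04d}",          # constructed numbering scheme
            "owner": f.owner,
            "host": f.host,
            "title": f.title,
            "severity": severity_label(f.risk),
            "effort_hours": f.effort_hours,
        })
    return tickets


def owner_summary(tickets: list[dict]) -> dict[str, dict[str, int]]:
    """Roll-up for the management-level report: open tickets per team and severity."""
    summary: dict[str, dict[str, int]] = {}
    for t in tickets:
        bucket = summary.setdefault(t["owner"], {})
        bucket[t["severity"]] = bucket.get(t["severity"], 0) + 1
    return summary


def hosts_due_for_rescan(last_scanned: dict[str, date], today: date) -> list[str]:
    """Hosts whose last successful scan is at least RESCAN_INTERVAL_DAYS old."""
    return sorted(
        host for host, scanned in last_scanned.items()
        if (today - scanned).days >= RESCAN_INTERVAL_DAYS
    )


# Constructed sample data standing in for a scanner export.
SAMPLE_FINDINGS = [
    Finding("db01", "Unpatched database listener", 9.8, 4.0, "dba-team"),
    Finding("web01", "Outdated TLS configuration", 7.5, 1.0, "web-team"),
    Finding("web02", "Default administrative credentials", 9.8, 0.5, "web-team"),
    Finding("sw01", "Read-only SNMP community string exposed", 5.3, 2.0, "network-team"),
]

TODAY = date(2024, 3, 1)  # constructed reference date
SAMPLE_LAST_SCANNED = {
    "db01": TODAY - timedelta(days=31),
    "web01": TODAY - timedelta(days=10),
    "web02": TODAY - timedelta(days=30),
    "sw01": TODAY - timedelta(days=45),
}

if __name__ == "__main__":
    for t in make_tickets(SAMPLE_FINDINGS):
        print(t)
    print(owner_summary(make_tickets(SAMPLE_FINDINGS)))
    print("due for rescan:", hosts_due_for_rescan(SAMPLE_LAST_SCANNED, TODAY))
```

Two design points carry over to a real program: the sort key puts a cheap critical fix ahead of an expensive one of the same score, which is what the “highest risk and least investment” rule asks for, and the rescan check uses a “greater than or equal” comparison so that a host scanned exactly 30 days ago is already due rather than slipping to day 31.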

Executive Dashboarding and Reporting

Data is the new bottom line. But convincing your senior executives to invest in Information Assurance (IA) and data breach prevention technology is one of your biggest struggles. Until a massive breach occurs, executives don’t really understand the business impact of a breach or the reputational harm it causes.

Clinical Security is uniquely qualified to engage your executive team, present a financial return on investment and classify risk, in language and reports that the C-suite can easily comprehend. Let our law enforcement background offer you the protection and the type of IT security partner you need to comply with HIPAA and HITECH. We’ll even educate your executive team and cost-justify your future security spending.

Security/Breach Incident Response and Forensics

Information Security Incident Response falls into two basic categories: internal threat and external threat. Both are delivered on retainer, priced by organization size, and cover the containment phase only. This deliverable first defines Information Security Incidents together with key employees and executive leadership, and creates pre-determined reporting procedures for those key employees. A 24x7 call center is available for 2 client employees to report Information Security Incidents. The scope of this deliverable is to triage suspected information security events, determine the severity of an event, identify the organizational employees in a notification matrix, determine how to contain the incident at any level, and advise on a course of action. Because incidents and forensic analysis vary from case to case, a pre-determined hourly rate applies once the Information Security Incident is contained. A legally admissible incident report is drafted and delivered to client counsel if deemed necessary.

Supplemental Services