Security Consulting Services Overview
An overview of security services that Network Vigilance can provide include:
Information Technology Risk Assessment
An IT risk assessment can provide a critical understanding of an organization’s security posture and compliance gaps. It can help determine whether your controls and security investment provides and adequate level of protection against an attack, business disruption or data exploitation. Areas of Coverage include:
- External Network Assessment
- Internal Network Assessment
- Social Engineering & Physical Security
- Security Policy & Practices Development
- IT Security Planning & Program Development
- Regulatory Compliance Review
For a detailed description of the specific assessment areas covered, click here. Risk Assessment Categories
Secure Network & Solution Design
Many times it's not enough to implement a point solution to solve a security problem. You may need to redesign or improve your network architecture to take into consideration the security ramifications of new business requirements. These include new applications, service provider relationships, 3rd party access by consultants and business partners, remote and mobile user access, use of social media, wireless, cloud computing, regulatory compliance requirements, and virtualization.
Regulatory Compliance Reviews
Review of controls with regard to regulatory requirements for HIPAA, Sarbanes-Oxley, GLBA, PCI, NERC and others. We can conduct a pre-audit, formal compliance assessment, or help you design a remediation program to help you prepare for and pass an upcoming audit.
Security Policy & IT Governance Review
This is a review of the IT governance policies set in place by executive management. Whether pre-existing policies need to be reviewed or are not yet developed, we can identify gaps that may exist where policies should be designed, written, implemented and enforced. We also offer Data Classification Review as part of these services.
Vulnerability Scanning, Penetration Testing & Ethical Hacking
External and Internal testing and assessment can take a wide range of forms depending on the scope and purpose of the evaluation. Services range from vulnerability scanning, to specific attack vector penetration testing, uninformed testing, and ethical hacking.
IT Security Program Development & Planning
We offer IT Risk Management Program creation and development, Incident Response Planning, Security Awareness Program Development, and Disaster Recovery and Business Continuity Plan evaluation.
Security Forensics & Breach Investigation
We can provide emergency breach response to either pursue or protect if an attack has occured, or potentially breached IT systems and data. Services include investigation of suspected employee fraudulent activity, forensic evidence gathering, litigation support, and data breach investigation.