At the heart of business lies all the information you need to remain competitive, profitable, and ready to service customers. That information resides on the computers you rely on daily for research, payroll, inventory, marketing, customer communications, and many other vital business activities.

We offer a full suite of computer security services so you can focus on what you do best, and rest assured your hard work is protected from malicious activities. Our services include:

» Individual PC and Server Security Auditing and Testing: Identify actual and potential security exposures on individual computers, including high-risk applications in use or high-risk activities being performed with the computer.

» Website and Web Application Security Auditing and Testing: Tests for SQL injection, cross site scripting, CGI vulnerabilities, and other input validation vulnerabilities; HTML code review to identify comments, scripts or other code that may expose your website to attack.

» Data Security Assessments: Assess ease of access to data held in company computing resources; Deploy access control and cryptographic mechanisms to ensure data is available only to those authorized access to databases, shared folders and network drives.

» Password Strength Testing and Lost Password Recovery: Testing to ensure passwords are of proper complexity to secure data; recovery of lost or forgotten passwords.

» Remediation: Correction of identified vulnerabilities and guidance to improve security posture.

For information to be useful, it need to travel to those that need it, when they need it, and with the assurance it has not been modified or intercepted in transit. Your personal network, and your connection to the Internet, offer eavesdroppers and malicious individuals the opportunity to steal or modify your data, or use your resources for additional unauthorized activities.

We believe your network can be the front-line of defense in protecting your assets. Network-related security services include:

» Network Security Auditing and Testing: "Foot printing" and investigating the entire network architecture to identify vulnerable devices, weak protocols that expose important information, and network settings that may allow access to an unauthorized user.

» Wireless Network Security Auditing and Testing: Targeted penetration tests against your WiFi network; Identification of unauthorized wireless users and devices; Securing of wireless access devices and authorized computers; Bluetooth sweep for unauthorized and unsecure devices (such as printers, cell phones and PDAs)

» External Penetration Attacks: Research vulnerabilities and informational footprint of your company through "open source" and Google hacking methods.

» Remediation: Correction of identified vulnerabilities and guidance to improve security posture.

Not to be underestimated, the importance of information security awareness among your staff and use of good physical security practices can protect you from some of the most dangerous and easily executed breaches.

A robust information security stance can be created through the following services:

» Information Security Awareness Training: Training and guidance for you and your staff to help understand and avoid unsecure activities while using information technology. Topics include social engineering, phishing/spear phishing, safe use of the Internet and proper handling and storage of sensitive information.

» Physical Security Auditing and Testing: Assess the level of security provided by physical measures such as entry points, security systems, building layout, and access to computing resources and sensitive company documents; If requested, we can perform “social engineering” attacks against staff on-site or remotely to assess exposure to non-traditional threats.

» Security Policy Review and Creation: Examine computing and security policies of your company for completeness; create a customized policy if you do not currently have one. Policies include business continuity planning, backups, privacy policies, acceptable use policies, and procedures for removing terminated employees access to information resources.