Friday, March 9, 2012
Q. What is Security Consultation?
A. Security consultation is a term used when we are asked to give the "best" security practices or advice on technologies or software that will help improve security of a system. This service is linked to vulnerability testing and security auditing, however it is not seeking a security hole or vulnerability, rather it is giving advice on how to lock down a system without performing an audit or test of the system in question.
Q. Why do I need a security consultation?
A. To protect your enterprise from losses, regardless of the size of the business. These losses are estimated to cost U.S. businesses millions of dollars each year.
Q. What sorts of things are included in a security consultation?
A. No security plan or program can be effective unless it is based upon a clear understanding of the actual risks it is designed to control. Specific areas of the business operation are scrutinized including; perimeter and facility security, cash handling procedures, computer security, proprietary information, hiring practices, benefit abuse, emergency procedures, and contingency planning.
Q. What do you provide to me?
A. A comprehensive written report is provided identifying the risks and vulnerabilities of your business. This analysis results in the development of specific countermeasures and corrective recommendations to reduce or eliminate the risks.
Q. We had a security consultation some time back. Should we repeat the process?
A. This service is recommended to be performed at least once every two years.
Sources: Maley Investigations, Daniel Securities