Assessments help you meet
regulatory requirements. | | GLB 501 (Gramm-Leach-Bliley Act) | | FDIC and State Audits | | HIPAA | | Sarbanes-Oxley Act |
Your assessment is targeted to
specific network or system aspects. | | Microsoft Windows | | Internet Service Provider Analysis | | Remote access - VPN and Modem | | Wireless Systems | | IP telephony solutions | | Unix and Linux operating systems |
|
|
Security AssessmentsInformation security assessment is available with adherence to international security standards from ISO 27001 /27002, as well as regulated industry guidance such as GLBA and HIPAA information privacy.
Redhawk's personnel has the experience and training needed for vulnerability testing and security architecture analysis. A risk-based methodology is used to determine the appropriate countermeasures for information systems.
Redhawk engineers are backed by the Certified Information System Security Professional (CISSP) certification program. The CISSP credential was the first information security credential and has become “The Gold Standard”, certifying mastery of security best practices. Please visit www.isc2.org for details of the program.
Security Assessment Scope of Work
- IT controls including policy and procedure
- Business Continuity Plan (BCP) review
- Internal security assessment (network, servers and workstations)
- External security assessment (firewall, IDS / IPS, border routers and Internet services)
- Social engineering
- Report with executive summary
International Best Practices
The ISO 27002 Code of Practice is the starting point for developing your organizational guidance. The following topics are part of the code:
- Establishing organizational security policy
- Organizational security infrastructure
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- Systems development and maintenance
- Business continuity management
- Compliance
| 
