As if you didn’t have enough to worry about in IT these days, now you also have to worry about ensuring your IT organization is in compliance with various industry and federal regulations such as PCI, Sarbanes-Oxley, and HIPAA. These regulations are designed to reduce fraudulent activities and misreporting of financial statements and, above all, to keep sensitive data safe. This is an increasingly difficult task in today’s decentralized, mobile, app-filled world. Failure to meet rules and guidelines set by compliance standards could mean fines, penalties and loss of trust.
FourSquare IT can help you with:
scoping of your IT environment
risk assessment
evaluation of IT policies, IT General Controls (ITGC), IT Automated Controls, and Segregation of Duties (SOD)
designing of ITGC, Automated, and SOD controls
testing of ITGC, Automated and SOD controls
serving as intermediary to external auditors
evaluation of material weakness and significant deficiencies
In addition, FourSquare IT also provides the following services:
Security Architecture Review
Perform a security architecture review to examine all layers of network architecture – including but not limited to network design, external connections, hosts, servers, business logic, staging areas, procedures, and quality assurance – to determine the security vulnerabilities
Assessment report to document the findings of the security architecture review with recommendations for improvement
Web Application Penetration Testing
Perform testing to reveal security vulnerabilities resulting from web application implementation errors
Expose weaknesses stemming from the web application's relationship to the rest of the IT infrastructure
Assess web application security versus real-world attacks using both manual and automated techniques
Identify security flaws in the web application and prioritize the findings to support risk mitigation
External Network Penetration Testing
Perform testing from outside the corporate network to reveal security vulnerabilities in the infrastructure
Prioritize the findings based on the risk level
Assess web application security versus real-world attacks using both manual and automated techniques
Wireless Security Assessment
Investigate physical installation of access points
Review existing wireless security policies, architecture and configurations
Analyze security gaps and recommend improvements