As if you didn’t have enough to worry about in IT these days, now you also have to worry about ensuring your IT organization is in compliance with various industry and federal regulations such as PCI, Sarbanes-Oxley, and HIPAA. These regulations are designed to reduce fraudulant activities, misreporting of financial statements and above all keep sensitive data safe. This is an increasingly difficult task in today’s decentralized, mobile, app-filled world. Failure to meet rules and guidelines set by compliance standards could mean fines, penalties and loss of trust.
FourSquare IT can help you :
- provide scoping of your IT environment
- risk assessment
- evaluation of IT policies, IT General Controls (ITGC), IT Automated Controls, and Segregation of Duties (SOD)
- designing of ITGC, Automated, and SOD conrols
- testing of ITGC, Automated and SOD controls
- intermediary to external auditors
- evaluation of material weakness and significant deficiencies
In addition, FourSquare IT also provides the following services:
Security Architecture Review
- Perform a security architecture review to examine all layers of network architecture – including but not limited to network design, external connections, hosts, servers, business logic, staging areas, procedures, and quality assurance – to determine the security vulnerabilities
- Assessment report to document the findings of the security architecture review with recommendations for improvement
Web Application Penetration Testing
- Perform testing to reveal security vulnerabilities resulting from web application implementation errors
- Expose weaknesses stemming from the web applications relationship to the rest of the IT infrastructure
- Assess web application security versus real-world attacks using both manual and automated techniques
- Identify security flaws in the web application and prioritize the findings to support in risk mitigation
External Network Penetration Testing
- Perform testing from outside the corporate network to reveal security vulnerabilities in the infrastructure
- Prioritize the findings based on the risk level
- Assess web application security versus real-world attacks using both manual and automated techniques
Wireless Security Assessment
- Investigate physical installation of access points
- Review existing wireless security policies, architecture and configurations
- Analyze security gaps and recommend improvements