Executive Overview of IT Security
NEXTWORKS IT SECURITY & TRAINING SERIES
December 2019 | Nextworks
July 2019: Capital One disclosed one of the largest thefts of personal information from a bank to date. 106 million clients were affected.
IT security is a big topic for big business, but it’s also a big topic for small business. We guide our clients through the complexities of IT security and compliance.
There exists an ocean of industry and government IT compliance requirements and standards. Just to list some examples:
- PCI DSS (Payment Card Industry Data Security Standard)
- HIPAA (Health Insurance Portability and Accountability Act)
- SOX (Sarbanes-Oxley Act) / GLBA (Gramm-Leach-Bliley Act)
- ISO (International Organization for Standardization)
- CJIS (Criminal Justice Information Services)
- FISMA (The Federal Information Security Management Act)
- SSAE 16 (Statement on Standards for Attestation Engagements)
Four Corners of IT Security
As your Virtual CIO, Nextworks can guide your organization through meeting the complex and fluid demands of IT security. We’ve organized IT security into an ongoing process of four distinct functions.
- Seek - Discovery & Testing
- Lock - Hardening
- Shield - Monitoring & Reporting
- Learn - Reviews, Education & Procedure
Hackers get smarter and bolder. Internal threats can be just as perilous as external ones. The need to protect your digital assets and network is greater than ever.
The Mechanics of IT Security
Every IT environment is a complex interaction of people and components. Weak links in this chain can expose vulnerabilities for an intruder to find, or even stumble across. In order to meet security compliance, a comprehensive review of your network must be regularly conducted.
- Cybersecurity Training & Measuring
- Anti-Phishing Training & Measuring
- Email Security Awareness Training
- Firewall Security & Updates
- Password Requirements & 2FA
- Computer Security & Updates
- Server Security & Updates
- Data Encryption & Secure Email
- Access Control Lists (ACLs)
- Mobile Device Management
- Data Backup Security & Monitoring
- Virus, Spam, Malware, & Spyware Protection
- Partner & Vendor Security Accountability
- Remote Access Management
- Allowed Software Management
- Proper Data Destruction
- Use of Personal Equipment
- Cloud Services Management
- Physical Access Security
- Penetration Testing
- IT Policies & Procedures
- Auditing, Detection, & Reporting
- Disaster Recovery / Business Continuity Planning
Your Nextworks vCIO is able to help lead your organization through this process, delivering peace of mind.