we understand accounting firms because we are one. Your
company’s security is it’s lifeline, and we take that
Our IT Security consultants assist firms in defining,
planning and evolving their IT.
IT Security Assessment
It’s not about if, it’s not about when. It’s already happened.
Our Security Assessments are a first step to measure the security posture of your organization, and provide recommendations for improvement. We’ll start by reviewing your existing IT documentation and policies, and conducting onsite or remote interviews with key personnel.
At the conclusion of our assessment, we will draft a report with our findings. We’ll work with you to develop a plan to get into compliance and assist in implementation which allows your organization to reach a security goal that mitigates risk.
Network Architecture Review & Design
Reviewing how your network is designed is an excellent way to identify potential security risks. We can review your structure of the network to identify and address network security deficiencies. Additionally, Anderson ZurMuehlen can provide guidance on the best approach to design the network.
Regulatory & Compliance Assistance
If your organization is bound by regulatory mandates and standards, we can help you meet your compliance goals. Anderson ZurMuehlen does more than just meeting your compliance or audit requirements, we help make your organization more secure and less vulnerable to attackers. Contact us to learn more about:
- HIPAA Health Information Compliance
- NIST (National Institute of Standards and Technology)
- DFARS (Defense Federal Acquisition Regulations Supplement)
- SOC 2 (Service Organization Control)
- PCI Credit Card Compliance
- GLBA Financial Institution Compliance
Policy & Procedure Review
Anderson ZurMuehlen’s approach to IT Policy and Procedure Review begins with a review of your existing information such as:
- Data Backup and Recovery
- Personal Device Use (Bring Your Own Device)
- Business Continuity Plan
- Disaster Recovery Plan
- Acceptable Use Policy
We’ll conduct interviews with key personnel to help identify and document existing practices, and then present detailed findings and specific recommendations for drafting or editing IT policies, procedures and standards.
Network Vulnerability Assessment & Testing
A Network Vulnerability Assessment from Anderson ZurMuehlen is a proactive step to securing your organization. Think of vulnerabilities as security holes, possible places where you are left unprotected, such as misconfigurations or missing or outdated security patches. Using comprehensive internal and external scans of your environment, we will find potential threats that might expose your systems to risk.
Going hand in hand with our Vulnerability Assessments, a Penetration Test exploits the known vulnerabilities to simulate an external or internal cyber-attack. Using many tools and techniques, the penetration tester attempts to exploit critical systems and gain access to sensitive data.
An internal “white box” test is where access to the internal environment is allowed and penetration is attempted on internal systems. A “black box” test is performed with very little information about the internal structure, to operate similarly to the way an outside attacker would.
Disaster Recovery & Business Continuity Planning
You can’t stop disasters from happening, but with a good disaster recovery plan you can be better prepared for the unexpected. Anderson ZurMuehlen can help your organization create a Business Continuity & Disaster Recovery Plan to ensure that your assets are protected and able to function in the event of a disaster. We’ll examine your most critical business functions and processes, determine what resources are needed, and develop a documented approach.