A History of Shaping Futures…Through IT Advisory Services
80% of all hacker attacks target small businesses
72% of businesses that suffer major data loss shut down within 24 months
60% of small businesses do not back up their data
With highly publicized incidences of data loss and increasing security risks, many organizations struggle to develop and maintain a strong information technology control environment. Ask yourself is your business prepared in the event of a cybersecurity breach? Now is the time to take stock of your cybersecurity health, securing information through best cybersecurity practices; identifying your risks and the types of cyberthreats; and learning best practices for guarding against cyberthreats.
Marvin and Company’s IT audit professionals have experience working with a wide variety of industries of all sizes. We partner with you to ensure your organization is secure and is following best practices related to Information Technology.
A security audit is a specified process designed to assess the security risks facing your business and the controls or countermeasures adopted by your business to mitigate those risks. Marvin and Company’s IT audit team will interview key personnel, conduct vulnerability assessments, catalog existing security policies and controls, and examine IT assets covered by the scope of the audit. Specific questions the audit will seek to answer include:
- How difficult are passwords to crack?
- Do network assets have access control lists?
- Are disaster recovery plans in place and tested on a regular basis?
- Are personal computers regularly scanned for adware or malware?
- Who has access to backed-up media in the organization?
These are just a small sample of the questions that the security audit will attempt to answer. It is important to understand that a security audit is a continuous process that should deliver continuous improvement to your business.
What is vulnerability management and does my company need it? Vulnerability management is the practice of identifying, classifying, remediating, and mitigating vulnerabilities in company applications, software, operating systems and networks. Vulnerability management should not be considered optional anymore; in fact many information security compliance, audit and risk management frameworks require organizations to maintain a vulnerability management program.
Our goal during a vulnerability assessment is to answer the question “Where are my companies’ security holes?” To do this our team will break the assessment down into 5 parts:
- Discover: Uncover forgotten devices & organize your host assets according to their role in the business (Visually map the network)
- Assess: Scan for vulnerabilities everywhere (perimeter, internal networks, Cloud servers) –accurately and efficiently
- Prioritize: Identify the highest business risks using trend analysis, Zero-Day and patch impact predictions
- Remediate: monitor vulnerabilities over time and manage exceptions (Remember the data is only as good as the last time it was updated. Just like an audit, the data reported is only relevant to the last time an asset was assessed)
- Inform: Customize comprehensive reports to document progress for business executives and IT staff
Please Contact Us
For additional information, please contact our Network Manager John J. Unser:
Telephone: 518-785-0134 ext. 4581
With more than 14 years of experience in the IT field, John holds multiple certifications from CompTIA, Microsoft, QUALYS, CIW, VMware, ITIL and Cisco Systems. John has worked in various areas including tier II - III support, network design/implementation, and IT auditing.