We offer a range of security and privacy related services including:

Security & Privacy Consultation Services

General consulting services regarding privacy and IT security issues and requirements;

Security and privacy architectures;

Corporate Security and Privacy support; and

Security and privacy education and awareness.
Privacy Services

Privacy Impact Assessments (PIA);

Privacy Policies, and Procedures;

Privacy Requirements Definition; and

Privacy Audits.
Electronic Commerce Security

Conduct technical security review of Internet, Intranet and Extranet servers;

Perform specific client security studies with respect to e-commerce and VirtualSAFE; and

Perform threat and risk assessments specific to e-commerce environments.
Network Security

Develop Security Architectures;

Safeguard recommendation, selection, testing and implementation;

Network security monitoring; and

Security engineering.

Public Key Infrastructure (PKI) Security

PKI High Level Studies;

PKI Certificate Practice Statements, Certificate Policies, and Procedures;

PKI Certificate Authority (CA) and Directory deployments; and

PKI Security Audits.

Information Technology (IT) Risk Management

Threat and Risk Assessments (TRA) for IT systems;

Security Requirements definition;

Informal security reviews, (i.e., abbreviated threat and risk assessments); and

Product evaluations to assess for security vulnerabilities.
Security and Privacy Policies and Procedures

Create new security and privacy policies and procedures; and

Review established security and privacy policies and procedures to ensure they conform to current IT infrastructure and best practices.
Security Audits

Perform security audits on Web, E-Commerce, and VirtualSAFE servers; and

Perform security audits on internal networks, Intranets and Extranets.
Vulnerability Analysis/Penetration Testing

Review of security policy documents and operational procedures as they relate to IT security;

Review of IT security architecture, firewall policies, server configurations and routing equipment configurations; and

Penetration testing both external, from outside the firewall, and internal, from behind the client firewall.

Perform security investigations; and

Computer Forensics - including disk mirroring, file recovery and data analysis.