Adding to this challenge is the rapid expansion and deployment of technology to end-users (tablets, smart phones, etc.) and the need to comply with industry and government regulations. Staying in front of potential threats, managing infrastructure, and staying current with the regulatory standard can be overwhelming.
Accellis simplifies and streamlines compliance & security efforts by establishing firm-wide awareness and security guidelines while leveraging industry proven technologies.
Learn More About our Security & Compliance Services
Your Security Assessment includes:
- Policy reviews
- Policy awareness reviews
- Internal and external port scan
- Internal and external network vulnerability scan
- In-depth regulatory and/or best practice review
- Network topology review
- Network vulnerability review
- Security countermeasure review (antivirus, firewall, access control, etc.)
- Physical security review
- Wireless access review
Our IT security experts work with you to review your firm’s assets, physical resources, and procedures to identify potential weaknesses, damage and threats. We measure the individual risk level of each asset and gauge the effectiveness of existing controls. Our findings identify which assets are most critical, and provide a basis for prioritization and recommend a course for remediation.
Our Risk Assessment addresses both internal and external threats, while answering the following questions:
- What threats exist and how can you be affected?
- How will the threats likely act against you?
- What are the potential business and technology implications?
- What can be done to stop it and lower your overall risk level?
- Conduct interviews and walk-throughs with key personnel including key staff and administrators
- Review documentation including operations manuals, policies and general procedures
- Review practices described during the interview process
- Compare documentation and company procedures against industry regulations, best practices and government requirements
- Reporting & recommendations
- Threats / Risks
- Remediation (optional)
- Create/update firm documentation including policies and procedures
- Implement security solutions and controls
- Provide security training
Our IT security experts work to collect and examine your firm’s processes, procedures, documentation, personnel, physical location, data controls, and any other resources that may impact your firm’s security. We then verify whether these resources adhere to best practice standards and any applicable regulatory compliance requirements.
With extensive knowledge of regulations for law firms of all sizes, Accellis will help ensure your IT network, documentation, and procedures are aligned with your business objectives.
Security and Compliance Audit services include reviews of:
- Business continuity – security
- Data security
- Security monitoring
- Authentication and access control
- Network security
- User equipment security (e.g.: workstation, laptop, handheld)
- Personnel security
- Physical security
- Application security
A Penetration Test by Accellis is a proactive way to evaluate the security of your IT infrastructure by safely attempting to exploit system vulnerabilities such as application flaws, improper configurations, and risky end-user behavior. A Penetration Test is one of the most commonly used and trusted methods used for assessing security risks.
Our IT security experts uses both manual and automated technologies to evaluate servers, endpoints, web applications, wireless networks, mobile devices and any points of exposure. Any vulnerabilities are then aggregated and presented to your firm. We identify which assets are most critical and provide recommendations for remediation if any are required. We work with you every step of the way to keep your firm safe and secured.
Penetration tests follow documented best practices for security testing methodology including:
- Scoping and rules of engagement
- Analysis and identification of attack vectors
- Exploit testing and penetration attacking
- Immediate notification of critical risks
- Remediate any / all exposed risks (Optional)
- Verify vulnerabilities have been remedied (Optional)
Accellis’ security training services are designed to increase security awareness among your staff and to meet compliance regulations. Training can be designed for individuals, groups or the entire organization – onsite or remotely.
Security training topics include:
- Identity management and password safety
- Recognizing and responding to social engineering attacks
- Private information storage/disposal
- Wireless security guidelines
- Internet and web security guidelines
- Home/family security and implications to the work place
- Portable device security and loss prevention
- Media security including portable backups
- Email security and best practices
- Risk assessment best practices