Information Security Assessments
Tailored Information Security Assessments, Comprehensive Results
Whether your organization is just beginning to develop an information security program or if you have a mature program that you’re looking to enhance, an information security assessment from the FireOak team can help your organization develop, supercharge, or fine-tune your program.
Our team of experts conducts information security assessments that combine the best of traditional vulnerability assessments with elements of penetration tests to reveal a holistic view of an organization’s security posture.
Traditional vulnerability assessments provide clients with a long list of potential vulnerabilities, but don’t typically include illustrative examples of how these vulnerabilities can be combined by an attacker to allow access to an organization’s confidential information, data, and systems.
On the other hand, traditional penetration tests will provide this level of detail, but only document the vulnerabilities uncovered during the test, ignoring many other potential gaps, weaknesses, and vulnerabilities within an organization’s governance, controls, and security operations. Penetration tests can be valuable, but only when an organization has already identified and addressed all known vulnerabilities.
An assessment designed to fit your organizational needs
Methodology
Through the engagement, we will conduct:
- A thorough, hands-on technical assessment from a security perspective of the on-premises and cloud environments
- In-person interviews with key stakeholders to understand security operations, practices, and processes
- A review of current policies, procedures, and information/data governance framework
For Business Leaders & IT
From a technical perspective, these assessments include details on all of the vulnerabilities present in a network, along with clear examples of how these vulnerabilities can be exploited in the current environment. Business leaders appreciate the clear explanations of how systems can be exploited and what the risks are to their organization. IT leaders appreciate the comprehensive technical details included in findings.
Information Security Assessments: The FireOak Difference
1
Actionable
Our reports are chock-full of practical, actionable next steps. Your team will know what to do.
2
Prioritized
At the end of the report, we’ll include a high-level step of next steps, in priority order.
3
Comprehensive
In addition to the written report, we’ll include the output from all of our technical evaluations.
4
Business Oriented
The report will include an executive summary designed for organizational leaders.
5
Q&A with Execs
We’re available to talk with senior executives, board members, or your full leadership team.
6
Knowledge Transfer
As part of our wrap-up, we’ll debrief with your tech team and will answer their questions.
The FireOak Acorn for Security Assessments
We use the FireOak Acorn in all of our information security assessments. Our team of experts works with your IT staff to install Acorns across your organization’s global on-prem environment. Acorn devices are small and easy to transport, making them ideal for remote and overseas deployments.
Using these devices allows us comprehensive visibility into an organization’s entire network without the high costs and time that can be associated with extensive travel or maintaining an on-site presence.
Recent Articles
News and insight from the FireOak team about managing, securing, and sharing knowledge
-
HIMSS14 Presentation: Knowledge Management And Collaboration
At this year’s HIMSS Conference, Abby Clobridge will be presenting with Dr. Joe Kimura, MD (Atrius Health): Strategic Expansion of Analytics Capacity through Knowledge Management and Collaboration.
-
Upcoming KM in Healthcare Presentation at HIMSS 2014
Look for Abby Clobridge at next year’s Healthcare Information and Management Systems Society (HIMSS) 2014 conference.
-
Scholarly Publishing in Africa – Early Notes
At the Publishers for Development 2013 meeting in London, Susan Murray and I shared some early results and observations from the Scholarly Publishing in Africa survey.
-
Defining Knowledge Management
Although Knowledge Management (KM) intersects with records management, document management, IT, and digital asset management along with other disciplines, its emphasis is on connecting people with knowledge — which, in many cases, includes both digital assets and technology.
-
Why Knowledge Management?
Organizations arrive at Knowledge Management (KM) for a variety of reasons that are often hard to define or pinpoint.
-
The Digital Information Toolkit: Strategies for Adding Value to Work-Related Social Systems
I recently had a chapter published in Trends, Discovery, and People in the Digital Age, a new book edited by Wendy Evans and David Baker.
-
Introducing the Raleigh-Durham Knowledge Management Community of Practice
We’re pleased to announce the launch of a new Knowledge Management Community of Practice for the Raleigh, Durham, Chapel Hill (Research Triangle) region.
-
The Wild West of MOOCs
Hardly a day goes by without a story appearing in a major new outlet about Massive Open Online Courses (MOOCs).
-
Connections between KM and Library Science
On the surface, Knowledge Management (KM) and library science/information management may not seem like natural partners. And while I might be biased — I come to KM from this perspective — I think the linkages between the two areas are clear.