Information Security Assessments
Tailored Information Security Assessments, Comprehensive Results
Whether your organization is just beginning to develop an information security program or if you have a mature program that you’re looking to enhance, an information security assessment from the FireOak team can help your organization develop, supercharge, or fine-tune your program.
Our team of experts conducts information security assessments that combine the best of traditional vulnerability assessments with elements of penetration tests to reveal a holistic view of an organization’s security posture.
Traditional vulnerability assessments provide clients with a long list of potential vulnerabilities, but don’t typically include illustrative examples of how these vulnerabilities can be combined by an attacker to allow access to an organization’s confidential information, data, and systems.
On the other hand, traditional penetration tests will provide this level of detail, but only document the vulnerabilities uncovered during the test, ignoring many other potential gaps, weaknesses, and vulnerabilities within an organization’s governance, controls, and security operations. Penetration tests can be valuable, but only when an organization has already identified and addressed all known vulnerabilities.
An assessment designed to fit your organizational needs
Methodology
Through the engagement, we will conduct:
- A thorough, hands-on technical assessment from a security perspective of the on-premises and cloud environments
- In-person interviews with key stakeholders to understand security operations, practices, and processes
- A review of current policies, procedures, and information/data governance framework
For Business Leaders & IT
From a technical perspective, these assessments include details on all of the vulnerabilities present in a network, along with clear examples of how these vulnerabilities can be exploited in the current environment. Business leaders appreciate the clear explanations of how systems can be exploited and what the risks are to their organization. IT leaders appreciate the comprehensive technical details included in findings.
Information Security Assessments: The FireOak Difference
1
Actionable
Our reports are chock-full of practical, actionable next steps. Your team will know what to do.
2
Prioritized
At the end of the report, we’ll include a high-level step of next steps, in priority order.
3
Comprehensive
In addition to the written report, we’ll include the output from all of our technical evaluations.
4
Business Oriented
The report will include an executive summary designed for organizational leaders.
5
Q&A with Execs
We’re available to talk with senior executives, board members, or your full leadership team.
6
Knowledge Transfer
As part of our wrap-up, we’ll debrief with your tech team and will answer their questions.
The FireOak Acorn for Security Assessments
We use the FireOak Acorn in all of our information security assessments. Our team of experts works with your IT staff to install Acorns across your organization’s global on-prem environment. Acorn devices are small and easy to transport, making them ideal for remote and overseas deployments.
Using these devices allows us comprehensive visibility into an organization’s entire network without the high costs and time that can be associated with extensive travel or maintaining an on-site presence.
Recent Articles
News and insight from the FireOak team about managing, securing, and sharing knowledge
-
Open Science Practices Produce Better Science
The September 20, 2019 public symposium, Advancing Open Science Practices: Stakeholder Perspectives on Incentives and Disincentives discussed the research ecosystem in depth.
-
What We’re Reading — October 7, 2019
The FireOak team keeps an eye out for and shares the most interesting articles, reports, and case studies related to managing, sharing, and securing information, data, and knowledge. Here are some snippets from what we’re reading right now.
-
The Dark Side of Open Data
The environment around research data management and open data has become incredibly complex—and the evolution doesn’t appear to be slowing down at all.
-
What We’re Reading — September 25, 2019
The FireOak team keeps an eye out for and shares the most interesting articles, reports, and case studies related to managing, sharing, and securing information, data, and knowledge.
-
Peer Review Week 2019 Highlights Quality in Peer Review
Peer Review Week is celebrating its 5th anniversary this week (September 16-20, 2019)! This year’s theme highlights “quality in peer review.”
-
Childhood Cancer Awareness Month 2019 is supported by Open Access
Researchers around the world are working to develop cures for cancer. During September, which is globally recognized as Childhood Cancer Awareness Month 2019 (CCAM), we would like to acknowledge and thank the researchers, physicians, and publishers who make their findings, data, and publications openly accessible.
-
MERL Tech 2019 Announcement
Join us at this year’s Monitoring, Evaluation, Research, and Learning (MERL) Conference in Washington, DC from September 5-6, 2019 where the FireOak team will have a demo table.
-
Levels of Knowledge Management
A look at four levels of knowledge management (KM): personal or individual; department, project or team; organization-wide; and inter-organizational.
-
Responsible Data Use: A 5 Days of Data Twitter Chat
Over the past few years, responsible data has become a hot topic within the world of international development and humanitarian aid. As funding agencies push for open data and data-driven decision making, and digital technologies continue to evolve, development workers, researchers, and other individuals involved in supporting aspects of the data lifecycle are becoming increasingly concerned with what it means to responsibly collect, manage, transmit, and share data in responsible ways.
-
Data Transparency Panel at ICT4D Conference
Join Abby Clobridge (Founder, FireOak Strategies) and Kait Maloney (Project Manager, Data Transparency Initiative, Catholic Relief Services) for a panel discussion about organizational considerations for data transparency and security at the ICT4D Conference.
-
Adopt a Dataset for Love Data Week 2019
In honor of “Love Data Week” (Feb, 11-15, 2019), Inter-university Consortium for Political and Social Research (ICPSR) is promoting a unique experience for individuals to “adopt a dataset.” This no-cost, no-mess adoption allows the individual to select a dataset hosted by ICPSR and get to know it, if you will.
-
Collection 01 Password Analysis
In January 2019, a massive database of email addresses and passwords was released on the internet. The collection included over 773 million unique email addresses and 21 million unique passwords, credentials that were assembled from many data breaches.