Information Security Assessments

Tailored Information Security Assessments, Comprehensive Results
Whether your organization is just beginning to develop an information security program or if you have a mature program that you’re looking to enhance, an information security assessment from the FireOak team can help your organization develop, supercharge, or fine-tune your program.
Our team of experts conducts information security assessments that combine the best of traditional vulnerability assessments with elements of penetration tests to reveal a holistic view of an organization’s security posture.
Traditional vulnerability assessments provide clients with a long list of potential vulnerabilities, but don’t typically include illustrative examples of how these vulnerabilities can be combined by an attacker to allow access to an organization’s confidential information, data, and systems.
On the other hand, traditional penetration tests will provide this level of detail, but only document the vulnerabilities uncovered during the test, ignoring many other potential gaps, weaknesses, and vulnerabilities within an organization’s governance, controls, and security operations. Penetration tests can be valuable, but only when an organization has already identified and addressed all known vulnerabilities.
An assessment designed to fit your organizational needs
Methodology
Through the engagement, we will conduct:
- A thorough, hands-on technical assessment from a security perspective of the on-premises and cloud environments
- In-person interviews with key stakeholders to understand security operations, practices, and processes
- A review of current policies, procedures, and information/data governance framework
For Business Leaders & IT
From a technical perspective, these assessments include details on all of the vulnerabilities present in a network, along with clear examples of how these vulnerabilities can be exploited in the current environment. Business leaders appreciate the clear explanations of how systems can be exploited and what the risks are to their organization. IT leaders appreciate the comprehensive technical details included in findings.
Information Security Assessments: The FireOak Difference
1
Actionable
Our reports are chock-full of practical, actionable next steps. Your team will know what to do.
2
Prioritized
At the end of the report, we’ll include a high-level step of next steps, in priority order.
3
Comprehensive
In addition to the written report, we’ll include the output from all of our technical evaluations.
4
Business Oriented
The report will include an executive summary designed for organizational leaders.
5
Q&A with Execs
We’re available to talk with senior executives, board members, or your full leadership team.
6
Knowledge Transfer
As part of our wrap-up, we’ll debrief with your tech team and will answer their questions.
The FireOak Acorn for Security Assessments
We use the FireOak Acorn in all of our information security assessments. Our team of experts works with your IT staff to install Acorns across your organization’s global on-prem environment. Acorn devices are small and easy to transport, making them ideal for remote and overseas deployments.
Using these devices allows us comprehensive visibility into an organization’s entire network without the high costs and time that can be associated with extensive travel or maintaining an on-site presence.

Recent Articles
News and insight from the FireOak team about managing, securing, and sharing knowledge
-
Data Transparency Panel at ICT4D Conference
Join Abby Clobridge (Founder, FireOak Strategies) and Kait Maloney (Project Manager, Data Transparency Initiative, Catholic Relief Services) for a panel discussion about organizational considerations for data transparency and security at the ICT4D Conference.
-
Adopt a Dataset for Love Data Week 2019
In honor of “Love Data Week” (Feb, 11-15, 2019), Inter-university Consortium for Political and Social Research (ICPSR) is promoting a unique experience for individuals to “adopt a dataset.” This no-cost, no-mess adoption allows the individual to select a dataset hosted by ICPSR and get to know it, if you will.
-
Collection 01 Password Analysis
In January 2019, a massive database of email addresses and passwords was released on the internet. The collection included over 773 million unique email addresses and 21 million unique passwords, credentials that were assembled from many data breaches.
-
What We’re Reading — February 11, 2019
The FireOak team keeps an eye out for and shares the most interesting articles, reports, and case studies related to managing, sharing, and securing information, data, and knowledge. Here are some snippets from what we’re reading right now.
-
Exporting and Importing AWS EC2 Server Disk Images
We are heavy users of Amazon Web Services (AWS) Elastic Cloud Computing (EC2) and regularly help clients transition their on-premises systems to the cloud.
-
Part 1: Create and Export an AWS EC2 Volume Image
In this post, I’ll demonstrate a technique using standard Linux tools to export an AWS volume to another cloud provider or on-prem storage.
-
Part 2: Restore and Boot from an AWS EC2 Volume Image
In this post, I’ll demonstrate a technique using standard Linux tools to create a bootable AWS EC2 instance from an imported AWS volume image.
-
Part 3: Automate the Creation and Export of EC2 Volume Images
In Part One, I reviewed the steps required to create and export an image of an AWS EC2 volume. This process works well, but it is somewhat cumbersome and time-consuming for sysadmins, especially when waiting for large images to compress.
-
World Cancer Day – Open Access Research
February 4 is World Cancer Day each year. Join us to thank researchers and publishers for sharing their open access research and open data related to cancer research, technologies, treatments, and prevention programs.
-
What We’re Reading – February 4, 2019
The FireOak team keeps an eye out for and shares the most interesting articles, reports, and case studies related to managing, sharing, and securing information, data, and knowledge.
-
Team Collaboration Platforms Lessons Learned
Over the past few years, we’ve seen tons of collaboration and knowledge sharing platforms become popular including Slack, Facebook for Work, and Microsoft Teams. On top of those platforms, popular project management tools such as Trello, Asana, and Basecamp also include capabilities designed to increase collaboration and knowledge sharing as part of their feature set.
-
Knowledge Base Analytics
Imagine this scenario. You and your team put in the sweat, from research to implementation, and you have rolled out a shiny new knowledge base to your users. Better yet, it’s being used!