We will work with you to identify where your data is and what practical, cost-effective steps you can take to protect it. We can help you to:

1. Identify the sources of data

2. Evaluate what measures are already in place

3. Consider the most likely ways that data could be “lost”

4. Create a list of practical and cost-effective recommendations

5. Work with you to prioritize the steps and create your roadmap

A SOC 2 audit is a great way to demonstrate that you have strong security controls. Since you have a potential sale tied to this report, we want to make sure the process is as quick and comprehensive as possible. We will help you to:

1. Identify your objectives, scope, and timeline

2. Prepare a gap assessment

3. Identify and prioritize audit controls

4. Prepare a project plan to compliance

5. Work with you every step of the way until you receive the report

Security questionnaires can be long and complicated. It is important that you respond accurately to give your prospect confidence in your security program. We will help you to:

1. Fill out the questionnaire so you can unblock the sale.

2. Handle any follow-up audit questions or calls with the prospect.

3. Prepare a Q&A library so you have responses in one place.

4. Create a “Trust Center” to expedite the sale process.

5. Help you answer other questionnaires to help enable future sales.

Yes. Google Workspace can be HIPAA compliant, but you have to carefully configure the account and monitor how it is used as your business grows. We have done this before and can help you to:

1. Create a compliance checklist for Google Workspace

2. Schedule working sessions with you to make the configuration changes (or do it for you)

3. Set up monitoring rules so you can remain compliant

4. Be there to answer any questions that may come up

5. Review your Google Workspace for ongoing HIPAA compliance every year

Training employees on the latest security topics is important, especially since phishing is still so prevalent. We want the training to be short, practical, and relevant though so employees retain the information! We can help you to:

1. Create security training content and other documentation

2. Deliver live (in person or remote) and/or recorded training

3. Manage your Learning Management System (LMS) with training modules

4. Set up and run phishing exercises

5. Run VIP sessions with your executives to cover more specific topics

It’s never good when your computers act up! It may be nothing, or it may be a sign that something malicious is going on. We can help you investigate and recover your systems to give you that peace of mind. That means we:

1. Investigate and identify the root cause of the problem

2. Work with you to recover your systems or data

3. Advise you on how to notify insurance or other organizations

4. Facilitate discussions with other organizations

5. Conduct post incident sessions so you can be better prepared next time

We offer a range of other services to help you secure and grow your business.

• Fractional CISO / vCISO services

• Risk assessments

• Application and software security

• Audit and compliance with HIPAA, HITRUST, SOC 2, ISO 27001, and more

• Security monitoring

• Incident response

Contact us to learn more!