|
pf | Pulliam assists our commercial clients in addressing the confidentiality, integrity and availability of information resources. Our staff takes into considerations the requirements specified in regulation such as: Sarbanes-Oxley (SOX) Section 404, Gramm-Leach-Bliley Act (GLBA) Section 501(b), ISO 17799, Health Information Portability and Accountability Act (HIPAA), COBIT, National Institute of Standards (NIST), The Computer Fraud & Abuse Act (CFAA), FFIEC and credit card security requirements. pf | Pulliam provides the following services to our commercial clients:
- Computer Security Officer (CSO) Support - pf | Pulliam staff will provide assistance in the development, update and/or maintenance of information security program and policies, standards, and procedures. We work closely with the CSO or can act as the CSO to ensure that the documentation developed meets the organizational needs. pf | Pulliam can also assist our commercial clients in developing hardening and configuration guidelines that meet business needs. Finally, pf | Pulliam staff will work closely with the CSO and/or act as the CSO and develop a 1-5 year strategic program plan to ensure that the organization has a plan in place to address their complex and ever changing information security needs.
- Security Assessments – pf | Pulliam staff will conduct security assessment and/or security compliance assessments that meet the organization requirements and follow standards such as: GLBA, SOX 404, FFIEC, HIPAA, ISO 17799. Our staff will work closely with our commercial client to determine all relative regulatory requirements and develop a customized questionnaire and assessment that will meet each client’s individual needs.
- Network and/or Application Vulnerability Assessment / Penetration Testing – pf | Pulliam staff will conduct a network and/or application vulnerability assessment or penetration test that meets the client requirements. We will take into consideration any regulatory requirements such as GLBA, SOX 404, FFIEC, credit card security requirements, etc.
- Security Awareness & Training Support – pf | Pulliam staff will provide assistance in developing and delivering security awareness & training support to our commercial clients. The training material, that pf | Pulliam staff can develop includes end user (general user), management, CSO, and technical support staff.
- Incident Response Team Support – pf | Pulliam staff have the experience to assist our commercial clients in developing policies and procedures as well as assist in developing and staffing an organization-wide incident response team. As part of this process, pf | Pulliam staff assists clients in first establishing a strong working relationship with internal investigative teams, other incident response teams, and outside investigative agencies. pf | Pulliam staff can develop incident tracking databases as well as detailed incident response forms that will be completed as part of every incident reported to the incident response team.
- Security Architecture Assessment and Implementation Support – pf | Pulliam staff can assist our commercial clients in determining what security architecture requirements are in place and needed and then will assist in evaluating, selecting, and implementing information security controls and devices (i.e., appropriate placement of firewalls, network and host-based intrusion detection systems, etc.). In addition, our staff can provide security software / hardware integration or support services to our customers. pf | Pulliam staff are vendor neutral and therefore will provide recommendations to our clients for security architecture devices and/or tools that meet our client unique needs and are cost effective in addressing those needs.
|