Security as a Service

Core Function

Included Services

SMB Security Toolkit

Document Repository with outlines and guides to compliment Monthly webinar series. Webinar series includes:

1. Defining Security
   1. Risk
   2. Controls
2. Regulations and Compliance
   1. Who needs to be Compliant?
   2. What do we need to be compliant about?

i. Privacy

ii. Gramm-Leach-Bliley

iii. HIPAA

iv. Sarbanes-Oaxley

v. PCI-DSS

1. Identifying Risks
   1. Internal
   2. External
   3. Natural
   4. Manmade
2. Building an Information Security Plan
   1. Employees and HR Issues
   2. Access Controls
   3. Data Access and Classification
   4. Procedural Controls
   5. Technical Controls
   6. Physical Security
   7. Network Perimeters
   8. Endpoint Protection
   9. Remote Access Issues
   10. Addressing Data Leakage
   11. Audits and Testing
   12. Backups
   13. Social Engineering
   14. End User Training
3. Building an Incident Response Plan
   1. Identifying Likely Threats and Scenarios
   2. Establishing Priorities
   3. Containment and Isolation
   4. Collection of Evidence
   5. Involvement of Law Enforcement
4. Building a Disaster Recovery Plan
   1. Talking about Scope

i. Small-scale (hardware failures)

ii. Local (tornados, sinkholes, riots,etc)

iii. Regional (Hurricanes, Earthquakes, etc)

iv. National/Global (pandemics)

1. 1. Personnel
   2. Identifying the Business Needs
   3. Setting Expectations and Budget
   4. Advance Planning
   5. Testing the Plan
   6. Example scenarios

i. Fire in Server Room

ii. Tornado destroys building

iii. Hurricane devastates region

iv. Disease Epidemic or Pandemic

v. Just for fun: Zombie Outbreak