Protecting your Business: Information Security, Protection and Disaster Recovery

    Information - be it corporate intellectual property, competitive intelligence, or customer data - must be retained and protected for legal, regulatory compliance and consumer confidence. Statutes such as HIPAA place increasing responsibilities upon the buinesses that retain consumer records. Small and Medium-sized businesses face the same challenges as large companies, but lack I.T. teams that can be dedicated to such a charter.
Many companies fail to understand/assess and address all possible areas of risk/threat. Examples of physical and logical risk areas include:

• Natural disaster
• Data theft
• Data loss
• Data tampering
• Fraud
• Physical site downtime
• Web site defacing
• Virus
• Trojans
• Spyware
• Unwanted spam

    These risks are evident in "online" companies and "brick and mortar"-based businesses. Regardless of size, most companies implement some form of data center to provide consolidated services to their customers, employees and supply chain. The risks are inherently exposed via external (e.g. "hackers") and internal (e.g. disgruntled employees) threats. The process for mitigating risk exposure is involves planning, action and process diligence within a company. Medrus group has experience developing:

• Vulnerability assessment
• Risk mitigation plans
• Disaster recovery plans
• Information security policy
• Acceptable use policy (AUP)
• Information security procedures

    Specific types of I.T. services, protocols and hardware help in risk mitigation. Our company possesses information security experience related to design, development, testing, operations, administration and management of:

• Server, PC and Network vulnerability assessment tools (VAT: Nessus)
• Intrusion Detection Systems (IDS: Snort)
• Firewalls (Checkpoint, IPCop, IPFilter, PF, Smoothwall)
• VPN services (Checkpoint, Cisco, Microsoft, OpenVPN)
• Antivirus services
• SPAM/email protection
• Network monitoring
• Server monitoring
• Data redundancy (RAID) and data backup
• Data encryption (GnuPG)
• Log retention and analysis
• Data center power protection
• Physical building security systems
• Off-site document and data/tape storage services

    Sound information security blends expertise, proactive and reactive diligence and practicality. Medrus Group LLC can help your company find economical "balance" and strategy to guide your company's approach to information protection.