Business in the right direction
To discuss your specific business or project needs, contact us.
 
Home arrow Our Solutions arrow Technology Solutions arrow Security

Security

Electronic information management and communication have become the way of working. In a business environment that favors speed and efficiency, a company’s networks and systems can have a dramatic positive effect on productivity, responsiveness, cost, customer satisfaction, and other factors that drive the bottom line. But without careful attention, these same systems and networks can put an organization at significant risk for legal exposure, or worse: damage its reputation and relationships.

Information security is no longer simply the concern of IT; it is a top priority for corporate boards and management teams.

Demonstrate due diligence.

Nearly all businesses have a duty to protect corporate information and regulated personal information. Federal regulations -- such as the Sarbanes-Oxley Act, the Graham-Leach-Bliley Act (GLBA), and the Health Insurance Portability and Accountability Act (HIPAA) -- have increased corporate responsibility and exposure for violations. In addition, state laws -- such as the Illinois Personal Information Protection Act and the California Security Breach Information Act -- require companies to notify all customers of any security breach that compromises personal or private information.

How secure is your digital information?

Addressing information security before it becomes an issue not only can be far less costly -- it also demonstrates to shareholders, customers, and other constituents your commitment to comply with regulations and best practices.

West Monroe Partners can help. Applying many years of network and application security experience and a holistic viewpoint that considers implications for all facets of your business, we provide a comprehensive set of services to assess and improve your information security. These include:

Security assessments and vulnerability scanning

Security assessments and vulnerability looks for weaknesses in applications and networks. Application vulnerabilities include unvalidated input, broken access controls, buffer overflows, improper error handling, insecure configuration management, and other issues. Network vulnerability scanning identifies weaknesses that may affect either availability of the network’s infrastructure and systems or the confidentiality, integrity, or availability of the infrastructure's information assets.

Security control assessments (security gap analysis)

Security gap analyses provide a comparison of current practices with best practices (such as ISO 17799), enterprise policy compliance, and regulatory compliance.

Information asset classification

In order to sufficiently and cost effectively protect critical information assets from security loss, it is important to document the information asset’s sensitivity, protection requirements.

Risk assessment and mitigation

West Monroe Partners will perform an analysis of information assets, threat sources, vulnerabilities, threat likelihood and impact in order to answer questions such as:

  • Which information assets are most likely to be harmed by plausible threat sources and vulnerabilities?
  • For each identified risk, what is the magnitude and likelihood of the loss occurrence?
Based on this assessment, we will recommend corrective action to reduce information risk to an acceptable level.

 

Business impact assessments and disaster recovery planning

Using a proven and comprehensive approach, West Monroe Partners can help you identify critical IT resources, disruption impacts, and permissible outage times in order to develop IT system recovery priorities for the development, testing and execution of a disaster recovery plan. This plan includes a detailed set of procedures used to facilitate the recovery of information processing capabilities at an alternate site.

Security improvement

Our security improvement solutions address security policies, management, and practices; network, server, and application security; and incident response and disaster recovery planning.

Security solution deployment

Based on results of an assessment, we can assist with a number of strategies to correct deficiencies. These include identity and access management; intrusion detection and prevention; logging, monitoring, and reporting; network access protection and admission control; and virus-free, spam-free, secure email.

Security seminars and workshops

Countless studies and reports agree that computer system users are the weakest link in the chain of security protection. Our security seminars and workshops address two broad areas: providing IT managers with timely information about security best practices, and providing security awareness training and knowledge for information workers.

Contact us for more information about technology solutions.
 

Mind the Gap:

Information surrounds us. But for many organizations, the sheer volume makes it difficult to establish an effective business intelligence program.


Learn more:

Read our recent newsletter article on business intelligence.
 
Contact WMP