Reduce Daily Login Burden

Our customer had implemented many different systems and applications to automate several different business processes and needed a way to reduce daily login burden.

Add Security into Systems Development Lifecycle (SDLC)

Our customer realized that the cost of fixing bugs post-deployment was up to 10 times more expensive than dealing with them during design and implementation.

Implementing Mobile Device Management

Our customer was facing productivity problems, possible down time due to viruses, and an increased risk of breach of PII.

Implement Password Management for Shared System Administration

System administrators maintained a poorly protected database of privileged account passwords for multiple systems with only partial accountability.

Encrypt Hard Disk Drives of All Laptop and Desktop Computers

Our customer sometimes deliberately (and sometimes accidentally) stored unencrypted customer and employee PII on laptop and desktop computers.

Encrypt PII in Production Databases

Our customer was storing all their customer’s PII unencrypted in production databases, which were used by front line sales and customer service functions.

Identify and Remove Personally Identifiable Information (PII) from Test Environments

Our customer was using their real customer data in test environments, creating data breach potential.

Write and Implement Revised Information Security Policies

Our customer’s existing policies were out of date. They did not address the latest changes in technology, network architecture, business model, and risk landscape.

Strenghten Patch and Malicious Code Protection Processes

The current server security software patch and malicious code protection processes were leaving our customers’ systems with significant security vulnerabilities for an extended period of time

PII Data Flow Analysis & Control Point Mapping

Our customer had not clearly documented where customer data is received from, stored, processed, or transmitted across its major business processes.

Define and Implement Information Protection Requirements for Services Performed by 3rd Parties

Our customer wanted to require everyone who had access to their sensitive data to comply with their corporate information security policy.