Compliance

Payment Card Industry Data Security Standard (PCI DSS) is the defining criteria by which any organization that accept credit cards achieve compliance. PCI DSS establishes baseline standards by which Personally Identifiable Information (PII) is handled.

HIPAA is the Health Insurance Portability and Accountability Act of 1996. This Federal government rule was enacted in order to enable the portability of health insurance, assure patience access to their health information, establish security standards for the handling of health information, accountability, and hold those how mishandle or abuse this data accountable.

How IT Works

1

Discovery involves the deployment light-weight agents to search for and identity network devices and endpoints. The devices include workstations, laptops, mobile devices, servers, printers, routers, switches, printers, virtual servers, IoT devices, and cloud-based assets. Discovery seeks to identify rogue, unauthorized, employee- or vendor-owned Bring Your Own Device (BYOD).

2

Protection involves the implementation of policy and the deployment of resources intended to minimize the risk of a cybersecurity event. Protection is a continuous effort to minimize, and whenever possible, eliminate the risk of a cybersecurity event.

3

Detection involves the implementation of policies and procedures in order to facilitate the timely detection of cybersecurity events. These policies and procedures define the human, hardware, and software resources deployed for the timely, continuous, and near real-time detection of cybersecurity events.

4

Response involves the implementation of policies and procedures necessary to react in a timely, effective, and collaborative manner to a cybersecurity event. Response is the rapid mobilization, coordination, and deployment of human and technical resources to contain and resolve cybersecurity events.

5

Recovery involves the implementation of policies and procedures necessary to restore from damage resulting from a cybersecurity event. Recovery seeks to empower the enterprise to rapidly restore, replace, or repair lost data, services, and processes.