Data Security and Business Continuity

Progent's Network Security Auditing Services
Progent's security engineers are experienced in assessing the vulnerability of your information system to all classes of external and internal security breach. Progent can deploy remote, automated security analysis software for quickly and economically uncovering a wide variety of technical security gaps that can be detected via the Internet. Progent's advanced security audit consulting services, which can be provided by security professionals with CISA, CISM, CISSP, ISSAP, or GIAC certifications, can help your business evaluate your procedures, operations, and governance policies and assess your IT infrastructure to enable you to design the highest level of security into your information system. Progent's security engineers can also test your web applications for security vulnerability and can conduct corporate-wide security audits to validate your company's compliance with major security standards including HIPAA, FISMA, NIST, PCI, and ISO.

Automated Security Auditing Software
Progent's consultants are familiar with the use of auditing software such as Microsoft's Baseline Security Analyzer tool, GFI LANguard, NMAP Port Scanner, AMAP Application Scanner, EEYE Vulnerability Scanner, plus tools from Solar Winds tools, Metasploit, Netcat, Hydra, and Nikto, to perform a variety of automatic system scans to identify potential problems:

• Check service pack levels
  
• Check for missing security patches
  
• Check for security alerts/vulnerabilities
  
• Detect unnecessary shares
  
• Detect unnecessary open ports
  
• Detect new security holes using scan comparisons
  
• Check for unused user accounts
  
• Check password policy and strength
  
• Make an inventory of your network
  
• Detect potential Trojans on servers and workstations
  
• Find out if the OS is disclosing too much information

Key software tools Progent's engineers can use to audit and monitor the security of your network include:

• Microsoft Baseline Security Analyzer
  Microsoft Baseline Security Analyzer (MBSA) is the free, best practices vulnerability assessment tool for Microsoft environments. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security management strategy. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems.

• GFI LANguard Network Security Scanner
  GFI LANguard Network Security Scanner (NSS) checks your network for possible security vulnerabilities by scanning your entire network for missing security patches, services packs, open shares, open ports, unused user accounts and more. This information allows you to lock down your network against hackers. GFI LANguard NSS can also remotely deploy missing patches and service packs in applications and OS.

• Microsoft System Center Operations Manager
  Microsoft System Center Operations Manager is a next-generation network management software platform that monitors the availability, performance and security of your information system by proactively identifying problems and trends occurring on servers across your entire network. Progent's Microsoft Operations Manager consulting services include help with configuring Operations Manager or outsourcing a comprehensive remote monitoring solution.

High-level Network Security Audit Consulting
Progent can provide the services of a CISA, CISM, CISSP, or ISSAP-qualified security engineer able to provide your company a comprehensive IS security audit. Progent's security audit engineers offer a wide range of expert consulting services for small and midsize businesses and can deliver these services remotely anywhere in the U.S. or in person in key cities nationwide. Areas covered by Progent's security audit consultants include:

• IS Audit Process
  Progent can provide IS audit services in accordance with IS audit standards, guidelines, and best practices to assist your company in ensuring that your information technology and business systems are protected and controlled. Services available from Progent include:

• IT Governance
  Progent can help ensure that your company has the structure, policies, accountability, mechanisms, and monitoring practices in place to achieve the requirements of business-wide governance of IT.

• Systems and Infrastructure Lifecycle Planning
  Progent can help make sure that your management practices for the development/acquisition, testing, implementation, maintenance, and disposal of systems and infrastructure will meet your company’s objectives.

• IT Service Delivery and Support
  Progent can help provide assurance that your IT service management practices will ensure the delivery of the level of services required to meet your company’s objectives.

• Protection of Information Assets
  Progent can make sure that your security architecture (policies, standards, procedures, and controls) promotes the confidentiality, integrity, and availability of information assets.

• Business Continuity and Disaster Recovery
  Progent can help ensure that in the event of a disruption your business continuity and disaster recovery processes will ensure the timely resumption of your IT services while minimizing the impact on your business.