ENSURING BUSINESS CAN CONTINUE DURING A TIME OF CRISIS
A disaster can be defined as (1) an event that causes serious loss, destruction, hardship, unhappiness, or death; or (2) somebody or something that fails completely, especially in a way that is distressing [or] embarrassing. Source: Encarta Dictionary. All too often, business owners and CEO’s consider a disaster such an unlikely event that they do not prepare their organizations adequately for continuity of operations. Recent news stories, such as the Gulf oil spill, show how painfully devastating that approach can be. But what about your business? If a natural disaster happened tonight, destroying your main office, then what? Would your employees know what to do to keep operations going? Would your customers or clients have to go elsewhere for the services that you provide? How quickly could you recover basic I.T. functions in accounting, human resources, and customer service?
While we may not know when a disaster is coming, we can be prepared and ready when it hits. If you showed up at the office tomorrow after a fire, tornado, hurricane, or other natural disaster had visited, wouldn’t you like to have a plan so your employees would know what to do to preserve customers, information, and your business? The cost of preparing, testing and maintaining business continuity and disaster recovery plans is marginal compared to the cost of being unprepared when tragedy strikes.
CONQUERING THE IT BUDGET WITH HIGHLY SPECIALIZED STAFFING SUPPORT
On one hand, budget cuts mean less resources—both human and fiscal. On the other hand, increasingly sophisticated network security threats mean your I.T. staff must be more highly-specialized than ever before. While this may seem like a catch-22, there is a solution.
Budget cuts no longer mean that you have to choose which of your top priority I.T. projects to put on hold. You don’t have to compromise on security or availability. You don’t have to send I.T. staff for more training that would leave the department understaffed. Staff support and recruitment solutions from ICS mean that your organization has access to a higher level of information technology expertise for as long (or as short) as you need it. We can help minimize I.T. staffing costs and at the same time maximize your opportunity for success.
By taking advantage of our specialized technical staffing resources and collaborative services your organization can have the flexibility and expertise necessary to meet even the most complex project and business goals. Short term or long term, temporary or permanent, ICS has staff augmentation services that suit every organization, every project, every time.
PENETRATION TESTING FOR PCI COMPLIANCE
Penetration testing is a Payment Card Industry Data Security Standard compliance requirement. One that can be easily satisfied when you choose the right I.T. security firm.
The PCI Security Standards Council’s Data Security Standard, Requirement 11.3 states that merchants, banks, processors, and point-of-sale vendors should conduct penetration testing on their cardholder data environment and all systems and networks connected to it at least annually and anytime there is a significant infrastructure or application upgrade or modification. While the requirement does allow for the testing to be performed by an internal resource, it is very clear in that the tester should be “organizationally separate from the management of the environment being tested”. The tester must also be qualified and knowledgeable on white box and black box pen testing and additional PCI DSS requirements surrounding each methodology.
If all of this sounds like a foreign language to you, don’t worry. It doesn’t to us. ICS can help prepare your organization for your next PCI DSS assessment. Contact us to learn more.