When it comes to being compliant with a security regulation or standard, we believe that it is not enough merely to put a checkmark in a box; you need to address your security requirements so that the organization is both protected and compliant.
While compliance is great, security is better. Most compliance regulations are designed to ensure that security controls are in place to protect confidential and proprietary information, such as PII (credit card, Social Security Numbers/Social Insurance Numbers, health information) or sensitive files within the corporation such as financials, patents and trade secrets.
The suite of products that we offer is designed to provide a layered defense: blocking the holes through which those with malicious intent can enter, providing assurance that threats from inside the network, both intentional and accidental, can be mitigated, and providing alerts so that your security team can move with speed and insight against a threat.
The suite of products ranges from the basic end security products through to advanced analytics and behavioural analysis of your network. In addition, it includes products that provide an overview of your existing network infrastructure, mapping out your network with all assets classified as either trusted or untrusted. As we are trained on all of these products, we can assist with setup and configuration to get your organization up and running.
Our products and services can assist with the following regulatory acts:
PCI DSS – Payment Card Industry Data Security Standards, a standard for organizations that handle credit card and debit transactions. The standard was created to enhance the security around devices that capture and store credit card/debit card information and to reduce credit card fraud.
HIPAA/HITECH – Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act, which are national standards for the protection of electronic health information. This includes confidentiality as provided by the Patient Safety Rule.
SOX – Sarbanes-Oxley Act of 2002, which set regulations for public companies.
ISO/IEC 27002 – provides best practice recommendations on information security management for use by those responsible for initiating, implementing or maintaining information security management systems (ISMS).
DCID 6/3/NISPOM Chapter 8/JAFAN – DoD regulations pertaining to information system security.
NERC/FERC – provides standards that define the reliability requirements for planning and operating the North American bulk power system.
For more information on how Symtrex can help you with IT Security compliance, please contact us directly to discuss your requirements.