CSO Compass

Sensible Cyber Security Solutions for your Business

Information Security

Information Security Services: (Get started NOW)

• Network Security Assessment and Monitoring Service
• Data Security Policy Assessment, Definition, and Development Services
• Security Awareness Training
• Software Development Security Practices
• Application Hosting Environment Practices
• Information Security Program Office

Network Security Assessment and Monitoring Service:

Maintaining a network environment, secure from external threats requires on-going vigilance. Our service provides the on-going support and expertise to meet your network security requirements as your business evolves. It starts with an initial risk analysis of your network and determining the appropriate level of security based on usage requirements. Based on this analysis, we then define the appropriate procedures and testing needed to meet your security needs. This includes frequent periodic network scans, followed by a detailed analysis of the results and evaluation of your exposure surface. We save you the time and burden of analyzing numerous pages of unfiltered results from traditional network scanning tools. In addition, we will proactively make recommendations related to Policies, Procedures and change control procedures based on changes in your business environment and recently published network security issues. We are "on-call" to review and assess proposed changes to your network exposure surface.
Back to the top

Data Security Policy Assessment, Definition, and Development Services:

Over half of data security breaches are a result of inadvertent errors by well-meaning employees due to lost laptops, data storage, or misdirection of information. An effective security program significantly reduces this exposure, by proactively implementing effective policies, procedures and tools without being a burden to the operation of the business. The CSO Compass staff works with your organization to understand your operational environment and data needs of the organization. Based on that, the CSO Compass staff assess your policy needs and define and develop the appropriate procedures and policy changes to cost effectively meet your data security needs. This service includes the implementation and the ongoing evaluation regarding compliance to the policy and it's effectiveness.
Back to the top

Security Awareness Training:

There is probably no more effective measure to good security as thorough easy to understand employee security awareness training. We will customize our security awareness training to fit your organizations need with modules designed for the general employee / user population as well as extended content for IT and software staff with access to sensitive resources.
Back to the top

Software Development Security Practices:

Insuring that all of your applications are secure from external threats and vulnerabilities is a critical part of your security program. We work with your development staff in designing and implementing a security review process that is effective and efficient. We work with your staff to augment your current process including code reviews to include security awareness as well as developing procedures to augment your current test methods to incorporate security testing and vulnerability detection.
Back to the top

Application Hosting Environment Practices:

Many technologies exist today to support applications. The CSO Compass team has experience with the configuration and management of many of these environments. We have experience with Java, PHP, Perl, Ruby, Python, Tomcat, JBoss, SQL Server, Oracle, MySQL and many other technologies in large-scale production environments. And, of course, we have experience is the configuration and management of operating systems such as Linux, FreeBSD, Mac OS and Windows.
Back to the top

Information Security Program Office:

The need for ongoing vigilance related to maintaining a secure IT environment encompass many technical and non-technical aspects of the business. The program office service provides consultancy and support to maintain a secure environment as well as supporting your marketing and sales efforts in response to security requirements of your customers and prospects. The CSO Compass team works with your organization in areas related to your priorities and security roadmap. The services are customized to your on-going needs and include:

• Security Dashboard to track your progress and implementation of security requirements and activities.
• Security Roadmap development.
• Assistance in preparation for external security audits and reviews.
• Sales support - Responding to security surveys from your accounts and helping your team meet new security requirements.
• Development and maintenance of FAQ security questions for your marketing organization.
• Vulnerability news and updates on (critical) patches including triage help and advice
• Updating policy and procedures as your business grows and evolves.

Back to the top