Services
Messaging Systems
Threat Management
Let us help you assess your vulnerability to common threats facing all messaging systems including:
- Viruses, Trojans, Worms, hostile scripts
- Denial of Service (DoS) attacks
- DHA: Directory Harvest Attack
- NDNs: Non-Deliverable Notifications
- Phishing
- Spam
If your organization falls under Federal Regulations, you can depend on the auditing and security experience of SBS to assess your risk exposure to one or more of the following:
- HIPAA: Security & Privacy Statutes
- GLBA
- FDA
- Sarbanes Oxley
- SEC 17a
- SB 1386
SBS will implement smart, cost-effective solutions to provide the controls and audit capability you need, such as:
- Organizational policy development encompassing digital assets and messaging systems
- Recognition of PHI (Private Healthcare Information) and PFI (Private Financial Information) within messages, and execution of a policy-based response
- Proper audit trail of message disposition, including use of encryption
- Secure archival and retrieval capabilities with applicable retention period per regulatory requirements
Contact your SBS salesperson for an overview of the impact of Federal Regulations on your messaging infrastructure.
Financial IT Risk Assessment & Audit Preparation
SBS is certified and experienced in Financial Information System Risk Management methodologies. We are experienced in helping State and National banks prepare for FDIC or OCC audits of their information system assets. Let us help you with our proven risk management methodologies to identify threats, assess the effectiveness of your current controls, and recommend innovative and cost-effective countermeasures to reduce your risk to acceptable levels. We have a proven track record in working with Financial organizations to protect their digital assets and gain compliance with Federal regulations and guidelines such as:
- Gramm-Leach-Bliley Act (GLB) Section 501(b)
- Office of the Comptroller of the Currency (OCC)
- 2001-4 (4-24-2001) Recent National Infrastructure Protection Center (NIPC) advisory on vulnerabilities that may allow access to bank systems.
- 2000-1 “Internet Security: Distributed Denial of Service Attacks”
- 2000-14 “Infrastructure Threats-Intrusion Risks – Message to Bankers and Examiners”
- 98-3 “Technology Risk Management”
- 98-38 “Technology Risk Management: PC Banking”
- Comptroller's Corporate Manual: Internet and Charters
- 98-31 “Guidance on Electronic Financial Services and Consumer Compliance”
- Federal Deposit Insurance Corporation (FDIC)
- FDIC-PR-93-2001 “Guidance on Financial Privacy”
- FDIC FIL-67-2001 Security Monitoring of Computer Networks
- FDIC FIL-68-99 Risk Assessment Tools and Practices for Information System Security
- FDIC FIL-131-97 Security Risks Associated with the Internet
- FDIC FIL-82-96 “Risk Management and Client/Server Systems”
- FFIEC Authentication Guidance (7/30/2001)
Healthcare (HIPAA) Gap Analysis
We specialize in the HIPAA security and privacy standards. Our consultants are experienced with the interpretation of healthcare regulatory requirements as they impact organizational policies and procedures and the technical controls used to monitor and enforce compliance. The Privacy standard has been in effect for some time; the Security Rule went into effect on April 20, 2005, and mandates that organizations do the following:
§ 164.306 (a) General requirements
Covered entities must do the following:
(1) Ensure the confidentiality, integrity and availability of all electronic protected health information the covered entity creates, receives, maintains, or transmits.
(2) Protect against any reasonably anticipated threats or hazards to the security or integrity of such information.
(3) Protect against any reasonably anticipated uses or disclosures of such information that are not permitted or required under subpart E of this part.
(4) Ensure compliance with this subpart by its workforce.
