Enterprise Risk Assessment
As your organization grows in size and complexity, determining exposure to information asset risks becomes more challenging, as does identifying threats and implementing effective plans to address them.
An Enterprise Risk Assessment (ERA) helps address these challenges. Additionally, an ERA helps organizations achieve compliance with the following regulatory guidelines:
Digital Defense uses the CERT OCTAVE® Risk Assessment Methodology to provide a holistic, organization-wide view of critical information assets and their associated threat profiles. Once the enterprise risk assessment is completed, a “security roadmap” designed to move your organization to the desired level of risk tolerance can be established.
ERAs are available in three format options:
Physical Site Review
Securing networks and systems is not the only critical aspect of security for organizations. Comprehensive physical security is also imperative.
If an adversary gains physical access to a network or system, they can access all information and data on it with little or no technical knowledge.
During a physical site examination, Digital Defense looks for weaknesses across physical security mechanisms including:
- Interior and exterior CCTV coverage
- Internal and external entrance controls
- Door locks and enhanced security system assessment
- Wireless infrastructure
- Server room access and disaster protection controls
- Assessment of possible IT vulnerabilities
Additionally, our “after hours” physical security sweep measures employee adherence to:
- “Clean desk” policies
- Appropriate disposal of sensitive data
- Workstation locking
- Password safekeeping