Industries We Work With
Fortune 1000 Companies Make Up Half of Our Business
Fortune 1000 companies are attracted by our
high level of certifications, the breadth of our experience, and the
maturity of our consultants.
Our Certifications Provide Confidence
Over 90 percent of our consultants are Certified Information Systems
Security Professionals (CISSPs). Some have multiple certifications. Everyone
knows security is essential to a successful business. Certain legislation
has made security a legal necessity as well - with serious consequences
if a business fails to comply. Our high level of certification makes
it possible for us to offer solutions that give our Fortune 1000 clients
confidence.
We Have Firsthand Experience inside the Fortune 1000
Many of our consultants are IT security professionals who’ve worked
in Fortune 1000 companies. We understand the challenges large corporations
face because we’ve experienced them - firsthand. We offer solutions
that are tailored to the needs of top-tier companies.
We’re Thought-Leaders in the Industry
Our consultants average nearly 10 years of experience. Our consultants
engage in ongoing training and development to maintain a high level
of proficiency. Several of our consultants have been involved in the
development of computer security programs - both undergraduate and graduate
- at colleges and universities. Our consultants hold leadership positions
with the Information Systems Security Association (ISSA) and the Information
Systems Audit and Control Association (ISACA) and are active participants
in industry associations and consortiums.
Financial Institutions Know We Can Help with SOX and GLBA
Two facts speak for themselves:
- The financial industry is one of the most highly regulated in the U.S.
- Twenty out of the top fifty financial institutions in the country are our clients.
We Understand the Regulations
Our understanding of the intricacies of the regulatory environment is
second to none. We’ve helped many financial institutions address their
requirements under Sarbanes-Oxley and the Gramm-Leach-Bliley Act - as
well as the Basel II and Federal Financial Institutions Examinations
Council (FFIEC) standards, California SB 1386 requirements, and other
regulatory directives. Some of the largest financial institutions -
some of those with the most at risk - trust us because they recognize
regulatory compliance is one of our core competencies.
We Know Their Technical Implications
We also have a thorough knowledge of technical implications of the regulatory
environment. We know not just the regulations - but the technology that
will satisfy them and the tools and techniques that will test them.
See Our Approach for an overview of how we work.
Telecommunications Companies Count on Us for Full-Featured Security
Telecommunications companies are prime targets
for security attacks. That has always been true to some extent, but
the degree of risk has risen dramatically - because of the exploding
use of cordless telephones, mobile telephones, networked PDAs, and remote
access computers. Telecom companies are required by government regulation
to be up and running 99.99% of the time, so avoiding interruptions to
their business is absolutely vital to their survival.
We Can Work as Needed, or Be a Full Security Partner
Depending on your current security status, we can provide anything
from compliance assessments to full architecture and design recommendations.
We’re Always Available to Help with Security Breaches or Disaster Recovery
Our goal is always to help you avoid security breaches or, much
worse, full disasters. But both will occur, and when they do, VeriSign
is there to assist you.
We can analyze why a breach occurred:
- To help you solve it
- To assist with legal proceedings as technical advisors or expert witnesses
- To help design and implement policies and procedures to enhance security in the future
Managed Security Takes the Burden off Your Shoulders
We’re available to consult with you - but, if you like, we can
also assume full responsibility for your security needs. Managed security
services can provide you with an outsourced solution that helps you
identify threats and respond to them quickly. We can also train your
employees to be security conscious. We’re available to visit your sites
regularly to make sure the proper policies and standards are in effect.
Healthcare Institutions Trust Us to Help Them with HIPAA
HIPAA Is a Core Competency
Regulatory compliance is equally pervasive throughout the healthcare
industry. Healthcare organizations have engaged us over the past years
to help assess their compliance with the Health Insurance Portability
and Accountability Act (HIPAA). HIPAA is another of our core competencies
- and the clients we work with recognize that:
- Healthcare providers
- Health insurance plans
- Clearinghouses
- Medicare and Medicaid agencies
Safeguarding Electronic Data Is Good Business
Safeguarding electronic data isn’t essential only to HIPAA - it’s also
an essential business practice as healthcare organizations move information
online to automate business processes, streamline communications, and
improve customer service. Security isn’t just about compliance, it’s
about your business.
We Offer Sarbanes-Oxley Compliance Consulting if You’re a Public Company
Our experience helping companies assess their compliance with Sarbanes-Oxley
regulations equals our core expertise in HIPAA. We can recommend solutions
that will help you address the requirements of both sets of regulations
- and do so more efficiently and cost-effectively.
Life Sciences Companies Earn Compliance with FDA 21 CFR Part 11
Compliance with FDA 21 CFR Part 11 - which
governs how information is transmitted to the FDA - is essential to
pharmaceutical and life sciences companies. Our focus on helping companies
comply with government regulations enables us to provide efficient solutions
- solutions that not only ensure you address regulatory requirements
but that also serve your business.
Retailers Turn to Us for Visa CISP and MasterCard SDP Compliance
VeriSign was one of the first authorized assessor
and scanning providers for Visa’s Cardholder Information Security Program
(CISP) and MasterCard’s Site Data Protection (SDP) program. Our assessments
also cover the data security standards published by American Express.
We’ve evaluated the security of retailers - both large and small. We’ve
helped them improve their security so they can meet cardholder information
security requirements and network security best practices set by Visa
and MasterCard. Our services also allow retailers to assess their compliance
with any credit card association that recognizes the Payment Card Industry
(PCI) standards.
Manufacturers Find Security and Reliability Serve Profitability
Security and Reliability Serve Profitability
The manufacturers that we work with are typically concerned with intellectual
property - which they share extensively in the manufacturing process.
They’re also concerned about the availability of systems to conduct
business. They use information technology to manage much of the production
process - so they’re concerned that their systems are available and reliable.
Access to confidential information is also a concern since most manufacturing
companies operate on small margins with tight competition. Often a product
has a shelf life of only a few months as the leading product before
a competitor introduces a similar product. If a competitor were to get
access to marketing and development plans, the shelf life could be cut
- and profits and market share reduced significantly.
Security Is as much Organizational as Technical
We typically perform an enterprise assessment that focuses as much on
business process as it does technology implementation. We’re careful
to assess vulnerabilities in policies and practices - not just in systems.
We’ve discovered that the majority of problems we uncover aren’t just
technical problems, they’re organizational problems.
We Rank Recommendations by Cost and Effort
We know everyone has a limited security budget. We search for
the improvements that are best suited to achieving the business and security
objectives our clients identify - and rank our recommendations accordingly.
We help clients prioritize spending: we do a cost-benefit analysis of
each recommendation and identify which are easiest and least expensive
- and will produce the most effective results.
We Guide Public Sector Organizations through IA Certification and Accreditation
We Help Meet Government IA Demands
We work with organizations in the public sector to help bring
them in line with government information assurance (IA) demands. We
help them identify requirements that cover key government regulations,
including the OMB A-130 and DoD Information Technology Security Certification
and Accreditation Process (DITSCAP).
We Make Sure the Certification and Accreditation Process Is Successful
Our approach is to determine which U.S. federal guidelines are
applicable for your agency. We then make a thorough assessment, and
prepare the necessary documentation. We prepare a security accreditation
package that documents the applicable certification process: what has
been changed, what was currently within certification, and what the
plans are for ongoing compliance. We deliver the package to the appropriate
authorizing official. We then work with that official as needed to make
sure that the certification and accreditation process is successful.
We Offer Greater Confidence and Full Compliance
The result is greater confidence that information is safe and
full compliance with government regulations.