Leverage a comprehensive set of assessment services to ensure you know exactly where you stand as a business
Our Approach
Specializations
HIPAA Risk Assessment:
- Determine how exposed your PHI & ePHI data is and how to mitigate your risks.
Risk Assessment:
- Understand and prioritize your residual risk with practical mitigation recommendations.
IT Security Gap Assessment:
- Evaluate your ability to preserve the Confidentiality, Integrity and Availability of critical information.
CIS Top 20 Critical Security Controls Solutions:
- A prioritized set of best practices created to stop the most pervasive and dangerous threats of today.
Penetration Testing
- Identify real-world risks to your organization with ethical hacking and social engineering.
IT Security Gap Assessment
IT Security Risk Assessment Process
- STN reviews several sets of process controls, technology controls, and physical security controls.
Administrative Controls
- Reviewing policy, procedures, disaster recovery, business continuity, critical vendors, operations, information security, risk assessment, and regulatory compliance.
External Technical Controls
- Analyzing firewall configurations, internet design, exposed services and border devices, internet servers, intrusion detection/prevention systems, and remote access.
Internal Technical Controls
- Tests performed to identify vulnerabilities on the WAN, LAN, voice system, internal servers/printers, wireless networks, modems, vendor and partner connectivity, logging analysis and reporting, data-in-transit, and portable devices.
Wireless Controls Review
- Identify wireless coverage overreach into non-private areas, identify weaknesses in wireless technical controls, analyze wireless network architecture, search for rogue access points and analyze wireless security configurations.
Risk Assessment
Social Engineering:
- Test your employees’ ability to resist social engineering attacks, impersonation, and manipulation.
Managed Vulnerability Scanning:
- Internal, External, and PCI-ASV vulnerability scanning with a personalized review by our security analysts.
Penetration Testing:
- Infrastructure, Application, and Mobile penetration testing prioritizing vulnerabilities discovered and recommendations for remediation.
STN Portal
- Access a secure dashboard to track all projects, security assessments, and service tickets.
Social Engineering
Email Phishing
- STN’s Email Phishing Service customizes emails specifically targeting individuals at your company.
USB Attack
- STN tests a scenario in which a simulated malicious program on an auto-run USB drive runs when the drive is plugged into a user’s computer.
Phone Phishing
- STN’s Phone Phishing Service tests your employees’ compliance with policy prohibiting surveys and attempts to obtain password policy information or passwords.
On-Site Impersonation
- STN Security Consultants masquerade as third-party vendors or employees to obtain unauthorized access or acquire confidential information.
Tools and Planning
Cybersecurity Assessment Tool
- Automate your FFIEC CAT self-assessment.
Incident Response Planning:
- Develop and rigorously test your Incident Response Plan.
IT Security Gap Assessment:
- The CAT self-assessment software is built to be intuitive and walk you and your team through the assessment.
Schedule Your Risk-Free Consultation