Our Process

I am sure you have read many recent stories of security failings and data breaches that have resulted in the theft or disclosure of vast numbers of confidential records such as credit card numbers, names & addresses, social security numbers, etc.  Protecting such data has always been important but has taken on new urgency in today’s evolving environment.  Confidential data that was once stored in a locked file cabinet can now be stored on a variety of electronic devices (e.g. desktops, laptops, flash drives, phones, etc.) that are very portable and at risk of being lost, stolen or accessed by others. 

In addition to protecting electronic data, physical documents such as client records, confidential correspondence and payroll records containing taxpayer IDs must also be protected.

Small businesses have become the target of choice for those perpetrating fraud.  This is because a small business is not likely to have many of the more robust controls and protections that a larger business can employ. 

Phase 1:  ($250)

We will come to your business, spend approximately half a day, and conduct a high-level assessment of the environment.  We look at computer usage, the storage of hardcopy and electronic files and correspondence, the physical security of the office and any unique circumstances that may pose additional risk to your business.

We will also answer any questions you may have about IT and physical security, appropriate controls, risks of data loss or theft and how best to mitigate risks.

Phase 2: ($1,250)

We take a deeper look at the information risk, interview key staff, and prepare a detailed report, unique to your business, describing the types of data that should be protected, the current control environment, the risk of loss and proposed recommendations.  He will meet with the leaders of your business to explain the report in detail and answer any questions that may arise.  In addition, we offer training and education to your employees covering the general risks to information and ways to protect themselves and the organization.

Phase 3: (Fixed fee based upon projected hours)

This phase encompasses the implementation of the recommendations in our detailed report along with managing the procedural changes with business leaders and staff (which can often times be difficult).  If you decide to use us for this phase, we will prepare a fee proposal based upon the number of expected hours to complete the project.  If the actual hours are within 10% of the estimated hours, there will be no additional charges.  If the project goes in a new direction or is significantly more complex than originally estimated, further work would be based upon an hourly rate of $100. 

Phase 4: (Fixed monthly fee –$40/month)

We have partnered with NXG Strategies, which is a company providing identity fraud recovery services.  This company will monitor key accounts of the business for fraudulent activities (bank accounts, website, etc.) and alert key leaders at the first instance of suspected fraud or security breach.  The company will also deploy a “Recovery Advocate” who will advise the business on what steps must be taken to recover from the fraud or breach and in fact will do most of the work under a limited power of attorney.  There is no additional charge for the deployment of the Recovery Advocate after an incident has occurred.  This can save the business countless hours of management time and resources in recovering from an act of fraud or breach.

Please keep in mind that your business can elect to do any or all of these phases. 

If you just want to discuss the risks posed to your business based upon how it operates engage us for Phase I.

Then you can elect to obtain the detailed risk evaluation and recommendations report (Phase 2).  A business member could potentially implement the recommendations without help.   However, we are here to assist the implementation or our recommendations in Phase III.

If you just want the protection afforded by NXG Strategies, you can elect that service only or combine it with any of the other phases.  

I encourage you to reach out to take the first step and schedule a phase one appointment or give us a call even if it is to simply have the initial discussion to determine a go-forward decision that most benefits your business and customers. 

In closing, I encourage you to think about your business’s digital and physical environment, as this is a critical challenge of which we must all be cognizant to protect operations. My team and I bring solid expertise and a desire to help provide solutions to this issue that we all could potentially face, but more importantly avoid, with proper guidance. This is an opportunity for you to protect what is most important: your customers, employees and your business.

Give us a call today!   203 307 5123

 

Comments are closed.