Services

Don’t be reactive to security. Let us help you be proactive instead.

Book Now

What We Do

Chamfered Technology provides consulting and auditing on Information Security and Privacy to clients across the Algoma Region. Through Udemy, there is also an online course available worldwide! Please visit http://udemy.com/security-awareness-training and use the coupon code SAVE for you 50% discount!

Organizations are quickly trying to adapt to today’s technology filled workplaces. Many organizations have adopted the ‘Bring Your Own Device’ policy which has many advantages, but can also lead to Information Leakage and Privacy Concerns. There are also many other risks and threats that organizations face each and every day.

Chamfered Technology offers services that test many areas in order test security across applications, environments, as well as many other areas.

Security/Privacy Best Practices

Overview:

Having policies in place is crucial to an organization. Reviewing the policies (or creating new ones) is necessary to ensure that the right policies and procedures are in place.

Why:

  • Determine what policies exist and their effectiveness
  • Determine if new policies need to be created or adopted
  • Review current procedures to confirm security best practices

Disaster Recovery and Business Continuity

Overview:

It is essential to maintain business continuity in the event of a disaster. A disaster can be a power outage, it can be someone deleted important files, or it could even be a fire in the data center. Whatever the disaster is, it is important to have a plan for it so that business can resume as fast as possible and limit any kind threat exposure.

Why:

  • Determine what will happen is a disaster occurs
  • Determine how to protect business continuity or minimize downtime
  • Determine what policies and committees are needed

Access Control

Overview:

Not everyone will have a key to get into every room. Not everyone should be able to access all the information stored on a server. Reviewing who has access to what information is important and following a need-to-know policy may be the best practice for certain organizations.

Why:

  • Determine who has access to what information
  • Determine what access levels should be set for employees
  • Determine how to reduce threats by limiting access to areas
  • Determine if two-factor authentication is needed on-site or online

Social Engineering

Overview:

The latest technology to detect and prevent attackers is only as good as the people trained in your organization. The weakest security link is often people. An attacker might talk his way into getting information over the phone or even fake an email to get more information. Social Engineering is attacking people, not technology. This testing can vary and will be thoroughly discussed with the clients.

Why:

  • Determine what information someone is able to get from outside your organization.
  • Determine what policies are in place to handle suspicious emails and phone calls
  • Determine the knowledge employees have to handle phishing attempts
  • Protect your organization’s privacy by increasing employees knowledge on security

Physical Security Review

Overview:

Some companies may have a data center on site, but many will have sensitive data stored somewhere on site. A Physical Security Review will determine if this physical data is properly secured and if not, it will provide recommendations on how to increase security.

Why:

  • Determine where data is stored and if it is properly secured from theft or destruction
  • Determine the level of protection on servers, desktops, and any other machines that may contain secure data
  • Determine if new physical security is needed in certain areas to protect data
  • Protect your physical data which stores your digital data

Security/Privacy Governance and Policy Review

Overview:

Having policies in place is crucial to an organization. Reviewing the policies (or creating new ones) is necessary to ensure that the right policies and procedures are in place.

Why:

  • Determine what policies exist and their effectiveness
  • Determine if new policies need to be created or adopted

Wireless Security Testing

Overview:

Many companies have wifi hotspots across their workplace. This wifi may be password protected, or it might be open. Either way, an attacker may be able to gain access to it. If an attacker can read what is being sent over the Internet, it may be able to get sensitive information or clues on how to attack your systems.

Why:

  • Determine what information is being sent over wifi
  • Determine the strength of encryption (if any)
  • Protect your organization from sending sensitive data over the internet

Port/Vulnerability Scanning

Overview:

If your company has open ports or a public area, then an attacker may be able to scan the open ports and determine certain information from the gathered data. This test will look for open ports (in-person, if requested) and will determine how much information is being displayed publicly.

Why:

  • Determine what information an attacker is able to gain access to
  • Determine what computers, folders, or drives that are available

Contact Us Today!