Case Study: Meeting IT Security Needs with Solid Planning
It’s not a question of “if” an IT security breach will be attempted; it’s only a question of “when.” Smart corporate management knows the only answer to this quandary is professional IT security planning. That’s why one Atlanta-based technology company marketing to the financial services industry engaged The Intersect Group to create an expert-level plan of security policies and procedures to prevent breaches from harming the company or its customers.
The Intersect Group’s experienced IT security professionals began the project on site, gathering
information directly. Using a comprehensive approach to determining risk factors, inconsistencies and potential
gaps in the client’s security, they explored all areas and sources of potential jeopardy— from hardware
and software systems, applications and network devices to monitoring tools and response plans. They also examined existing
policies, evaluated training and awareness programs, and considered all in the context of compliance standards including
SOX, PCI, and HIPAA. After this thorough analysis, the team presented its findings and recommendations for tightening
security.
In the next phase, the team developed a comprehensive security policy and procedures plan that became the controlling standard for the company’s operational environment. The plan includes recommended best practices for logical access, intrusion detection and prevention, firewall configuration, website safeguards and all other technical aspects of security. It also addresses internal business processes and non-technology issues, such as event management and emergency response.
The security plan encompasses policies extending enterprise-wide. It references inconsistencies in security across departments or functions, and establishes measures to remedy situations and decrease risk. The plan documents monitoring and response mechanisms, communication and reporting, and employee education and awareness measures. Policies are tailored to fit individual circumstances.
The Intersect Group met all internal, customer and regulatory requirements and gave the company a documented, comprehensive security plan to improve the organization. The Intersect Group worked with internal resources to implement the plan, and provided the standard for periodic professional reviews and follow-up assessments. With potential security vulnerabilities addressed, management and customers are confident their environment is protected, and their business secure.
Total cybercrime losses in 2005 were $130.1 million; the majority of the losses were due to viruses, unauthorized access to computer systems and theft of propriety information. CSI/FBI Computer Crime and Security Survey, October 2005
20% of consumers terminated a relationship with a company after being notified of a security breach. Ponemon Institute, December 2005
###
About The Intersect Group
The Intersect Group, founded in 2006, is a different and better business
partner. The Intersect Group creates unparalleled value for its clients by combining industry-leading consulting
capabilities with comprehensive staffing and recruitment services. Clients trust The Intersect Group to deliver results
based on their deep expertise and proven resources within finance, accounting, and information technology. Through The
Intersect Group’s flexible delivery approach, you get the right solution, at the right time to accelerate your success and
achieve all of your mission-critical objectives.
Since inception, The Intersect Group's revenue has grown 800 percent, posting $3 million in revenue in its first year and a record $27 million in annual revenue at the end of 2010. The Intersect Group is one of the top 500 fastest growing privately held companies in the United States, as determined by Inc. magazine. In addition, Inc. magazine ranked us within the top 100 in the Business Products and Services category. The Intersect Group's 420 employees serve clients nationwide from offices in Atlanta, GA, Chicago, IL, and Dallas, TX.
