November 2005

To see how these concepts played out in our project for this client, please visit Assessing the Systems Environment to Identify Business Risks.

Todd Herman

Have you ever considered what might happen if, one day, your Information Systems group discovered that your company's network had been breached from outside the company?

In other words, your company had been "hacked"!

This month's e-update is a case study of a recent client project where management wanted to avoid this nightmarish experience. This case study describes our independent assessment of its network security and illustrates the benefits of being "proactive" instead of "reactive."

Another company that we know did not conduct a proactive assessment, and were hacked from outside the company – that Information Systems group determined that all major servers had been compromised, and thus had to:

  • Rebuild the operating systems for all the servers.
  • Reinstall all applications on these servers.
  • Restore all data from the most recent backups.
  • Install a new firewall device.
  • Reconfigure the new and existing firewall devices to work together to provide better security and a true demilitarized zone (DMZ).
  • Configure servers in the DMZ and behind the firewall to securely communicate with each other.
  • Involve the law enforcement officials to investigate the security breach.

As a result, this company incurred an enormous of time and expense that would likely have been avoided by performing an assessment such as the one described in this case study.

As you'll see, one significant benefit for our client was to give them peace of mind. Now, a question for you: Would you would sleep better at night knowing that your network's security had been assessed, reviewed, and tested by experienced and credentialed professionals of an objective firm well-known for "finding a better way"?

The way we look at it, you deserve peace of mind, too.

Give us a call today...336-297-4200.

Sincerely yours,


Todd L. Herman