Data Security services are becoming one of CenterLine's most requested services. These services maintain the confidentiality, availability, and integrity of critical data. We have many Financial Institutions and Healthcare clients that look to CenterLine for assistance with data security. In banking, government regulations (Graham-Leach-Bliley) require Financial Institutions to protect the financial information of their clients. In Healthcare, government regulations (HIPAA) require patient information to be protected. CenterLine understands and translates these regulations into practical solutions. In addition, we have experience working with regulatory auditors who ensure proper protection is in place. Data security is an on-going process. It is impossible to predict when existing security implementations will be obsolete due to ever changing threats and vulnerabilities. CenterLine assists clients with developing and maintaining a data security program that addresses immediate and future data security concerns. Data Security Infrastructure Design & Implementation Data security should be considered when designing a network, while maintaining a network, and prior to any network upgrade. This includes identifying critical data to be protected, utilizing built-in hardware and software security, adding additional security solutions to fill gaps, and on-going monitoring. CenterLine assists clients with creating, implementing, and supporting a data security infrastructure that utilizes all security options available within the network environment and addressing remaining vulnerabilities with additional solutions, if necessary. Our strategy addresses the data security infrastructure of the entire organization using industry "best practices". Network Data Assessments & Testing In order to verify a business is implementing effective security solutions, a periodic assessment and testing of the network security should be performed by an independent 3rd party vendor. CenterLine assists clients with assessing and testing their security implementations. The resulting information is compiled into a detailed report, including a corrective action plan that offers concrete solutions to address vulnerabilities discovered. Management often uses these services to confirm their IT staff is properly protecting key company information. Internet Firewall Security Assistance Most businesses recognize the value of an Internet firewall. However, a firewall provides little protection from Internet threats if it's not configured correctly. In addition, firewall logs must be monitored to identify possible compromises of the network security. Immediate action must then be taken to eliminate any threat or data compromise. CenterLine assists clients with identifying the proper firewall solution for their network, implementing and configuring the firewall, developing a monitoring solution, and determining the immediate actions to be taken if the firewall is breached. External/Internal Network Penetration Testing The effectiveness of a network perimeter security solution is determined through testing. External network penetration testing is performed from outside the business to determine if unauthorized access is possible using readily available hacking tools. Internal network penetration testing is performed onsite by attempting to compromise internal security measures using social engineering and network hacking techniques. It is recommended that these services be performed by an impartial 3rd party vendor. CenterLine assists clients with testing external and internal security implementations. We have security certified personnel, trained to use various hacking tools and techniques, available to determine if network perimeter protection is sufficient to secure critical company data. Disaster Recovery Planning & Testing Most businesses consider a media backup strategy to be sufficient for disaster recovery planning. However, a reliable Disaster Recovery Plan is much more comprehensive. It should include key personnel responsibilities, a recovery checklist, and a periodic testing schedule. CenterLine assists clients with identifying critical data and technology services, designing a plan to access the data and services as quickly as possible following a technology disaster, and on-going testing to ensure the reliability of the plan.