The following are a
few key areas that LSG can assist your organization.
HIPAA Information Technology (IT) Security Compliance Assessment
Lone Star Graphics, Inc will assess how your organization’s IT
security program supports your HIPAA security policy and
statements. Our approach includes the following areas:
¶ Review of how documented policies and
procedures related to IT security align to these statements and support
your overall HIPAA compliance. We conduct interviews of key IT staff
and compliance personnel to understand how established procedures are
implemented and policy is developed.
¶ Conduct interviews of key personnel to
understand training and awareness relating to the protection of HIPAA
covered materials. We will perform an onsite assessment of
current practices of staff related to the protection of ePHI.
¶ Assess current access controls to both
applications as well as physical or hard copy records.
¶ Review current people, processes, and
technology related to ongoing logging, auditing, and monitoring of
security related events on systems and across the network.
Network Architecture Design Assessment
Every organization’s network is dynamic. Accessibility to data
and the network resources on which that data resides is being
continually place under tremendous pressures. Ensuring the
confidentiality, integrity, and availability of that data is critical
to all organizations. How a network is architected is the first
line of defense.
LSG reviews network designs from a security perspective.
Where devices/systems are
How are critical
systems/applications protected in the design?
Are devices/systems securely
Is wireless access integrated
into the design?
How is the WLAN secured?
Is the WLAN segmented from the
Knowing what information you have, where it resides, and how
important it truly is to an organization is crucial for focusing
limited information technology resources. LSG performs risk based
assessments to uncover the most critical assets that an organization
requires to continue to deliver to clients, patients, customers.
Gaining insight into how an organization functions, how key
stakeholders within the organization use information and how they
perceive data protection, where the information resides and how those
systems are protected provide the basis for improving a security
Attack and Penetration Tests
With no prior knowledge of your company network, LSG will assess
your current security controls and configurations by performing a real
world assessment utilizing common “hacker” tools and techniques. This
assessment is a path of least resistance approach to identifying your
computer system and application security weaknesses and can be
conducted on Internet facing systems or systems only accessible by
individuals internal to your organization, such as employees,
contractors, suppliers, or vendors.. This will provide you insight into
your current controls, general security posture, as well as potential
root cause analysis of underlying process, technology, and/or