Services to Fit your Organization
We address all aspects of your Information Security and Privacy program by supporting your staff and management. We offer services hourly, monthly and under projects with predetermined milestones.
We address all aspects of your Information Security and Privacy program by supporting your staff and management. We offer services hourly, monthly and under projects with predetermined milestones.
Chief Information Security Officers On Demand
"Cyber security resources continue to be in high demand in the U.S., with Chief Information Security Officer (CISO) and engineering positions left vacant. Smaller firms with only part-time information security needs have an even tougher time finding experienced resources that fit their culture."
Working Security CISO On-Demand Services allow you to respond to cyber security, audit/compliance and incident response needs now. If your needs are less than full time or you are searching for a permanent hire, our services keep your projects and operations moving.
Delivered at your offices or remotely, our services are tailored to fit your needs and complement the skills you already have in-house.
We support corporate boards, executives, and owners, as well as CIOs and CTOs who need an experienced strategic resource on specific projects. Our CISOs have deep business backgrounds to support strategic planning as well as the technical knowledge required to work directly with I/T leadership on implementation strategies.
Our CISOs:
Working Security protects Data and Computer Networks
"Working Security is located in St. Louis, Missouri and provides CISO, Computer Forensics, Penetration Testing and other Computer Security services for commercial, government, and non-profit clients."
Meet Compliance and Assurance goals through:
Proactively Test I/T Security Infrastructure and Contingency Plans:
Respond to Suspected and Confirmed Cyber Security Incidents where:
We support your business, unbiased by a desire to sell hardware or software. We help you balance I/T risk management with day-to-day I/T priorities, react to unplanned cyber-security events, and position yourself to minimize the potential impact of future incidents.
Manage your Security and Privacy Program
A Security Program isn't just a firewall or anti-virus software. It’s not just having an I/T guru. A Security Program is a “comprehensive set of policies, processes, and technology” that enable an organization to reduce risk, manage day-to-day secure operations, and respond effectively when incidents occur.
In case after case, organizations suffering breaches are fined for not having a "Security and Privacy Program" in place before the breach occurred.
Protecting the privacy of your customers and securing intellectual property means managing the computing assets and data at the center of your business.
If you’re protecting a single office or twenty, the Working Security and Privacy Program helps you manage and maintain the information security of your organization.
You don’t need to be security expert.
You don’t need to be a computer expert.
We guide you through the landscape of information security, learn about your business and your priorities to build an information security program tailored for you.
We take complex security standards, policies and technology and translate them into guidelines and reminders that enable you to manage risk, maintain policies, train employees, monitor security, and respond to incidents effectively.
Contact us today to learn more about how you can take control of your Security Program.
Working Security performs forensically sound acquisitions of machine images for use in state and federal cases. We perform forensic analysis of Microsoft Windows, Apple OS X, Linux, Apple iOS, Android and other mobile devices. Our formal reports are suitable for litigation, are supported by expert witness testimony and deposition support. We recover data and document timelines on computer use.
Whether your goal is just to recover access to your system or pursue legal actions, we can help.
Our GIAC certified staff meet standards required by the U.S. Department of Defense (DoDD 8570) under the Computer Network Defense Service Provider (CNDSP) Incident Responder program.
Our methods ensure the recovery of data when possible, the preservation of evidence and proper chain of custody including generation of Checksums and Hashes.
Services include:
Contact a Forensic Expert today!
Identify and Protect what's Important
"Risk assessment is the foundation of Information Security. As the first step in almost every information security compliance and regulatory standard, organization must not ignore this vital step."
Identifying information assets and the real threats to those assets allows you to make responsible decisions about protecting them. Without this foundation, you risk spending too much on the wrong solutions to protect the wrong assets. When you get it right, you demonstrate responsible care in protecting the information of your customers and your business.
Risk assessment isn't a marketing give-away and we don't pad our assessments with hardware and software recommendations we hope to sell.
Working Security conducts risk assessments using National Institute of Standards and Technology (NIST) guidelines consistent with the complexity of your business and in compliance with industry standards like HIPAA.
With a Working Security Risk Assessment, you'll be able to make deliberate and prioritized changes to your computing policies and infrastructure that demonstrate due diligence in protecting information. We provide vendor neutral and unbiased assessments of your technology and how it mitigates business risk.
Contact a Security Advisor today to start your Risk Assessment.
Computer Emergency Response Team
24/7 CERT
314.632.6334
Contact a Security Advisor today!
You've been hacked?
Take action, stop the damage, and protect the evidence.
Botnets, advanced persistent threats, Cryptolocker and other malware impact work today and put your business at long term risk. Rogue employees can abuse trust.
When you lose mobile devices, viruses and malware take control of your systems, or someone steals protected information, an immediate and thorough response minimizes the damage to your company.
Working Security Incident Response provides the expertise and information you need to recover quickly. Our GIAC certified staff meet standards required by the U.S. Department of Defense (DoDD 8570) under Computer Network Defense Service Provider (CNDSP) Incident Responder program.
We isolate the source of intrusions, implement controls to block hostile activity and use sound forensic techniques to recover lost data, stop future intrusions and ensure you have the information available to pursue legal remedies.
Services include:
Testing proves you Secure Important Data
"You need to know that your investment in technology is protecting you from data losses and public breaches."
Business partners, clients, and regulators require that you regularly test your websites, networks, and devices for known vulnerabilities and misconfigurations. You test to ensure I/T service providers are diligent, to prioritize future upgrades, and for simple peace of mind. If you don't find the vulnerabilities in your websites and networks, outsiders will.
Working Security Testing Services include:
Working Security delivers vulnerability reports, ethical hacking services, and penetration tests. We provide testing services on-site at your business and remotely by virtual private network (VPN) connection. All test services come with detailed technical results, prioritized to allow immediate mitigation of identified weaknesses. Our reports and matching action plans allow you to demonstrate a responsible standard of care for the data you hold for partners, clients, and customers.
Contact a Security Advisor today to start your test.
Data in the Cloud is still your Responsibility
In this climate, any business already using or considering cloud based solutions must act to ensure data is handled appropriately and service providers are meeting their obligations. Your business data and the personal information of your customers is at stake. The Ponemon Institute study of Cloud Security reports that Cloud Providers assume their customers and end users have more responsibility for security than the provider.
Your cloud provider likely thinks security is more YOUR issue than theirs.
Working Security performs audits of Amazon AWS, Microsoft Azure, Rackspace, Salesforce.COM, and other cloud and web hosting providers to ensure controls are in place to protect your business.
If you are considering cloud deployments, we help organizations develop bid specifications and act as your advocate during negotiation and delivery to ensure your data is secured. We've audited web and cloud service providers for years and understand the assumptions they make about your data.
Contact a Security Advisor today!
Policies are more than Paper
Security policies are the backbone of your legal protection. Without specific information security policies in place, employees may not be aware of their responsibilities to protect business assets and sensitive personal information.
Meeting compliance requirements, keeping employees aware of their duties, and legally protecting your intellectual property are critical steps every business must take.
Working Security Smart Policies are the foundation of protecting your business data.
Contact a Security Advisor today!