Security Assessment

It's important to establish a baseline and close existing vulnerabilities.  When was your last assessment?




Security Awareness

Train your users - often! Teach them about data security, email attacks, and your policies and procedures.  We offer a web-based training solution and "done for you" security policies.




Dark Web Research

Knowing in real-time what passwords and accounts have been posted on the Dark Web will allow you to be protective in preventing a data breach.  We scan the Dark Web and take action to protect your business from stolen credentials that have been posted for sale.



Project Management

Transparency data is embedded within the network as a whole, by definition it is pubic.

It cannot be corrupted altering any unit of information the blockchain would mean using a huge amount of computing power to override the entire network.  


It's a wonderful new year, which brings with it a fresh new page so to speak.  It provides a way for us to reflect, but also not dwell on what did not happen in the past.  Yet it also provides an opportunity to change or eliminate behaviors, systems and procedures that simply did not work!


Here are just a few basic things that need to be remembered in your own small, medium or growing firm. 

7 IT Policies and Procedures That Companies MUST Have

1.     Access Control Policy.  How are users granted access to programs, client data and equipment?  Also includes how administrators are notified to disable accounts when needed.


2.      Workstation Use Policy.  Requiring secure passwords, monitoring logins and limiting unsuccessful logins are just a few of the basics covered.  Policies also need to cover basic security best practices such as not allowing passwords to be written down or shared with others.


3.     Security Awareness Training.  Organizations must ensure regular training of employees regarding security updates and what to be aware of.  You must also keep an audit trail of your reminders and communication in case you’re audited.


4.     Malicious Software Controls.  You must have documented policies for the frequency with which anti-malware and antivirus software are updated and what happens if an infection/outbreak occurs.


5.      Disaster Recovery Plan.  How you respond to emergency situations (of all shapes and sizes) must be fully documented and tested regularly.  A full Disaster Recovery Plan is something our company can help you with.


6.      Media Disposal Policy.  How do you dispose of old computer equipment and data?  You must have policies and procedures in place that cover exactly how all equipment is properly disposed of and logged.


7.      Review and Audit Procedures.  There’s much more to compliance than the 7 items discussed here; however,  be certain also that whatever you do has a firm audit trail/log that shows that everything has been executed according to plan.


These are just starting points.  If you’re subject to compliance regulations or just want to make sure that your company is covered by these simple best practices, contact our office and we’ll be happy to review these areas with you. 


HITECH has been around for quite some time.  Even so, many companies covered by specific laws or regulations are way behind the times when it comes to actual implementation.  And when you really think about it, even companies not covered by these specific laws, should have the requisite policies and procedures in place. 

J.  Lucas,



4050 Pennsylvania Avenue #8961




© 2020 by Kacil  Consulting