Common practices such as two-factor authentication can be forgotten while aberrations such as leaving client’s credit card details in emails are not considered. This is why all our digital security efforts begin with that most simple of tasks: a questionnaire.
This set of in-depth questions ensures the client takes the time to really think about what practices they have in place and what their vulnerabilities might be.
Following this, we carry out an audit in-person. This involves spending a day in the office with our clients, working with different departments or staff members to witness first-hand what needs to be done.
Only then do we design a curriculum specific to the needs of each client. Over the course of 3-4 days, we cover how the vulnerabilities came out, the risks they involve, the correct solution and how to ensure this solution is maintained.
These curricula can range from the basic (backing up data to the cloud, using encrypted messaging services) to the more advanced (digital power regulators, how to detect compromised websites).