When it comes to the security of your business, nothing should be left to chance. Arm your business with exactly what it needs to combat a data breach with the help of OCD Tech. From identifying software vulnerabilities with a vulnerability assessment to finding holes in your network with penetration testing, to instantly earning your clients’ trust with a SOC 2 Report, we’ve got you covered. Do you work in a heavily regulated environment like the DoD, Financial Services, or Insurance? Whether your cybersecurity compliance requirements come from federal, state, or local authorities, OCD Tech can help you hit the mark.
IT General Controls
Technology is key to supporting your business processes. We will review the policies, procedures and activities that contribute to your controls. These can include infrastructure configuration, change and patch management, virus and malware coverage, and user account security.
Assurance
You depend on your internal and external IT service providers to keep your systems running. Are you getting what you are paying for? Are they unknowingly putting you at risk? Is your Wi-Fi secure? Can you restore from a backup? Is your data secure? Let OCD Tech provide that independent review and assurance that will give you peace of mind.
Assessments
Threats come from multiple sources: the insider employee or the outsider agents via the Internet. All software and hardware have inherent vulnerabilities. O’Connor & Drew, P.C. can test your security posture and provide you with the information needed to make appropriate decisions to mitigate risk, and decrease exposure to these threats.
DFARS
DFARS 225.204-7012 requires contractors to implement NIST Special Publication 800-171 standards as soon as possible, but no later than December, 2017, to protect covered defense information / controlled unclassified information. Read more about this special requirement on our DFARS 800-171 page.
Recent Blog Posts
IT General Controls
Technology is key to supporting your business processes. We will review the policies, procedures and activities that contribute to your controls. These can include infrastructure configuration, change and patch management, virus and malware coverage, and user account security.
Service Provider Assurance
You depend on your internal and external IT service providers to keep your systems running. Are you getting what you are paying for? Are they unknowingly putting you at risk? Is your Wi-Fi secure? Can you restore from a backup? Is your data secure? Let O’Connor & Drew, P.C. provide that independent review and assurance that will give you peace of mind.
Threat & Vulnerability Assessments
Threats come from multiple sources: the insider employee or the outsider agents via the Internet. All software and hardware have inherent vulnerabilities. O’Connor & Drew, P.C. can test your security posture and provide you with the information needed to make appropriate decisions to mitigate risk, and decrease exposure to these threats.
IT Audit Training
OCD Tech can provide in house training for your staff on effective and efficient ways to perform IT Audit testing.
MA 201 CMR 17 (WISP)
Is your Massachusetts Written Information Security Program (WISP) up to date? Have you performed your required annual review? MA 201 CMR 17.00 requires you to take steps to protect the security confidentiality of the residents of the CommonWealth. Are you sure you are doing your part?
SOC Reporting
Have you been asked for a SOC report as part of an RFP or due diligence project? Do you understand the difference between SOC1®, SOC2®, SOC3®, Type I, Type II? Only CPA firms registered with the AICPA can issue this type of report for you. Let us help explain the key differences in these reports, potentially saving you tens of thousands of dollars.