I offer services in central Oklahoma including Edmond, Norman, Oklahoma City and more.
If you would like more information about these, please
contact me at (405) 367 4872 robert@redearthsecurity.com
Security Consulting
If you wanted to have someone to consult with on Computer Security issues, or anything technical really, you can hire me for a specific duration or on a retainer basis for anywhere from 1-10 hours a month. If you sign up for at least 5 hours a month for a year, you get the following for free:
- Fundamental Network and Desktop Security Assessment performed Annually
- Annual Cyber Security Training for your staff to keep them informed of current computer security risks and good security habits.
Personalized Training
I can train your staff on your processes as well as show them good security habits.
Fundamental Network and Desktop Security Assessments
This foundational assessment provides your with an overview of your cyber security risks. After 1-2 hours on-site discussing your systems and running internal and external network scans, I will prepare a report that describes high-level risks and mitigation recommendations.
Penetration Testing
Using a taxonomy of vulnerabilities (
Common Weakness Enumeration), I would attempt to determine what vulnerabilities exist in your web application platform. The final report would contain, for each vulnerability found, The CWE number and description of the vulnerability, a severity rating, A complete description of how to re-create the issue and thoughts on mitigation.
Review of Policies and Procedures
I would take all written policies and take notes of any un-written policies and determine if there are any gaps that should be filled. The final report would be to describe any risks associated with missing policies and procedures and make recommendations on policies and procedures to adopt. Examples of expected policies would be 'Use of Customer Data', 'Acceptable Computer Use Policy', 'Incident Reporting and Response', 'Annual Cyber Security Training', 'Standard Desktop Configurations' and others.
Security Audit of Production Systems
Starting with an inventory of your production systems and a list of expected permissions, I would work through the systems with the highest business value and perform an audit to ensure only specific staff had access to specific resources. The final report would enumerate the discrepancies and recommend mitigation steps to take.
Network Scan
Use External tools to probe your internet connection(s) to determine appropriate network security. Also, scan the entire internal network using a handheld device, looking for connected devices. This list of connected devices would be compared to an existing inventory. The final report would be to identify discrepancies between expected devices and found devices, identify currently-connected devices that are known to have issues as well as those that are likely to have issues and summarize the external network scans.