System Integrator or VAR?

Schedule a briefing to learn more about Signal Creek's Expert Services, which are delivered only through partners.

Case Studies

Click to download this Retail Chain PCI Compliance Case Study.

Click to download this DoD Data Center Services Case Study.

Click to download this Health Care Disaster Recovery Case Study. 

IT Compliance Services

 

The Problem

With so much at stake, the knowledge and experience needed to analyze and implement IT compliance is crucial.  IT management is continually challenged to identify and remediate any violations of corporate policies or government regulations.

The Solution

Signal Creek create solutions to meet requirements from both a technical and procedural perspective.  

PCI

PCI requirements place a significant burden on IT. Signal Creek works with enterprise IT managers to improve enterprise IT security with a range of Expert Services, including:

  • Gap analysis—taking into consideration every application and all components of enterprise systems
  • Phased implementation of gap fixes—network segmentation, hardening of devices, application hardening, eliminating unneeded services on applications, firewall configuration, documentation, and testing.

Partners can rely on Signal Creek’s experiences, which spans point-of-sale and internal infrastructure, including POS upgrades, back-up eradication, anti-virus, wireless network configuration, intrusion detection and vulnerability scanning, firewall configuration, data scrubbing, active directory configuration, device configuration (routers, switches), and remote access. 

Signal Creek scopes each specific IT requirement to support the major elements of an enterprise’s PCI compliance strategy, which may include:

  • Implementation and maintenance of a secure network
  • Protection of cardholder data
  • Maintenance of vulnerability management program
  • Implementation of strong access control measures
  • A regular cadence of network monitoring and testing
  • Maintenance of an information security policy

 

SOX

Signal Creek’s experience with SOX compliance ranges from planning and documentation to implementing systems and procedures to ensure IT compliance, so that financial systems align with regulatory requirements and meet audit standards.

While SOX is not an IT-centric regulation, it involves various business units, which IT supports in a typical enterprise.  IT leaders cannot ignore the IT and information security underpinnings of SOX.  Since Information systems contain and manage corporate finances, IT is essential for SOX compliance.

Signal Creek’s experience enables us to focus on what compliance issues are critical for the customers of our SI and VAR partners.  Many are focused on SOX Section 404, as it applies to every system that processes or maintains financial data. As with most information security initiatives, Signal Creek will focus on the best practices for a range of IT domains, including:

  • User authentication
  • Password management
  • Access controls
  • Input validation
  • Exception handling
  • Secure data storage and transmission
  • Logging
  • Monitoring and alerting
  • System hardening
  • Change management
  • Application development
  • Periodic security assessments and audits

 

The Result

IT compliance that’s aligned with an enterprise’s business needs. 

 

For more information on Signal Creek’s IT Compliance Services call us at (303) 467-1643, send us an email at expertservices@signal-creek.com, or contact us through our website.