View document in PDF format
Fred Cox is the CEO of FDC Associates; a Jupiter, Fla.-based Technology Audit firm providing IT Auditing, Corporate Governance and Sarbanes-Oxley consulting services for financial services firms, insurance companies and manufacturing industries. Cox has been using SekChek’s IT auditing and security assessment tools for over 3 years.
Everyone is familiar with the danger of external attacks to computer systems. But, statistics show that the most significant attacks come from internal sources, due to weakness in security implementation, administration, and monitoring. Inadequate security settings can lead to fraud, privacy breaches and theft of client data.
“In a company with hundreds or thousands of system users, regularly checking and updating security settings is a monumental task. As vectors of attack change, the security setting must be continuously adjusted to prevent a successful attack from a new approach or vector. The only way to do this is to increase the monitoring of the security environment, which SekChek does extremely well,” says Cox.
Cox uses SekChek’s automated assessment tool to observe the current security settings on his clients’ host systems. “SekChek allows us to quickly and accurately observe the security settings on multiple hosts, regardless of their operating system, and create actionable information. The print screen alternative to observe these settings is tedious, labor intensive and time-consuming to summarize. The SekChek tool unravels complexity in record time, allowing my on-site auditors and security specialists to focus on remediation rather than information collection. This saves my clients both time and money,” says Cox.
“SekChek is a continuously updated security assessment tool, so I don’t have to worry about the impacts of changes to an operating system or service pack level. One of SekChek’s most valuable features is that it can compare my client’s security measures against those used by its peers, permitting my client to see if it is ahead of, or behind, the security practices in its industry.”
SekChek is equally effective on Microsoft, UNIX and Netware platforms, says Cox. “SekChek’s continuous research and development means I can use the system on virtually any platform. The quality of my services is very high, thanks to SekChek.”