ITPG Secure Compliance Mitigates System Vulnerabilities for Large Healthcare Service Provider

Complex server and network hardening project meets stringent compliance timeline

Vienna, Virginia, November 1, 2016—ITPG, an information security firm engaged in all phases of security and risk assessments, mitigation and remediation, has completed a large scale, complex project to harden IT configurations for one of the nation’s largest healthcare data processors. Hardening networks eliminates as many security risks as possible from IT systems, making them less vulnerable to attacks.

“Protecting the Electronic Personal Health Information (ePHI) of patients is the number one priority of our healthcare clients. Ensuring they meet and exceed HIPAA’s Security and Privacy requirements is ours,” said ITPG CEO Kevin Ejtemai.

According to a Verizon study, 94% of unauthorized data access comes through compromised servers. Securing configurations for servers and network devices deployed in a typical IT infrastructure goes a long way in mitigating cyber security attacks.

“Most security practitioners are familiar with Critical Security Controls, understand best practices, and appreciate the challenge in achieving compliance with Center for Internet Security (CIS) benchmarks,” said Frank Shirmo, ITPG’s Chief of Technology and Cyber Security. “Our subject matter experts met stringent timeline requirements needed to develop hardening scripts and golden images for Windows and Linux operating systems, IIS and Apache Web Servers, VMware, Cisco/Fortinet switches and firewalls.”

Established in 1999, ITPG is an information security, compliance, risk management, and managed services firm focused on helping organizations protect their information assets from external and internal threats. ITPG provides threat and vulnerability management, security risk assessments, compliance gap analyses, remediation and virtual CISO services. ITPG’s certified master security architects developed the curriculum and continue to teach courses to prepare information systems security professionals to earn their Certified Information Systems Security Professional credential, considered the gold standard for IT security executives.