InfoSafe Certification Details

Technical Safeguards

Internal Vulnerability Management
Initial and ongoing quarterly scans and checkups are performed to verify that your organization’s internal computer network devices (servers/wireless networks/LAN routers) and every computer (desktop/laptops) are locked down and free of malware or other hidden security threats or vulnerabilities that a cyber-criminal can exploit to gain access to private customer or employee information. This is performed manually by certified security technicians via remote Internet connection, working together with your current IT staff as needed.

External Vulnerability Management
Initial and ongoing external IP address penetration tests are conducted to discover and report potential security weaknesses and vulnerabilities in your organization’s Internet connection(s) and website(s) that put your organization at risk of a data breach from hackers and cyber-criminals. Where vulnerabilities are discovered, we assist you by working closely with your current IT staff to close security vulnerabilities and secure Internet connections and websites to ensure these meet established minimum regulatory requirements for technical safeguards and information security best practices.

Also Provided as Needed (no additional cost):

Secure Data Disposal Service
Prior to disposal of a computer or hard drive, our InfoSafe tech team will provide secure and permanent deletion of individual electronic records and files or completely wipe all hard drive information according to regulatory requirements and that meets or exceeds DoD/NSA secure destruction standards.

Computer Security Software
If needed, we provide the necessary business grade security software (firewall/anti-virus/anti-spyware) for each computer – installed and optimized for your organization by our expert tech team.

File Encryption Software
If your organization does not already encrypt sensitive data, we provide professional-grade file encryption technology that meets or exceeds FIPS/NIST standards for encryption of electronic data. Installed on your organization’s computers to protect both stored and transmitted sensitive files and records.

Emergency Computer Security Support
If a computer becomes infected with a virus or other malware, we provide immediate on-demand expert help via phone and remote Internet connection to remove the security risk and prevent further spreading or infection to other computers or networks.

Online Employee Training

Because information security and privacy training for all employees is a regulatory requirement, InfoSafe provides your organization with a full featured, fully hosted and managed online training center account to easily deliver and manage the required ongoing information security, privacy, and regulatory compliance training for all of your employees, new hires, and temporary workers. All of your employee training is easily delivered and managed in one location, and ad hoc compliance reports are instantly available.

The training center also includes a complete catalog of additional low cost, engaging, and interactive privacy, information security, and compliance training courses available 24/7 for your internal compliance administrator, managers, and employees. Additional training courses include important topics such as state-specific training, PCI awareness, safe remote and mobile computing, responsible social networking, and more.

Customer Privacy Assurance

“InfoSafe Certified” Seal
Your organization is provided with an official electronic seal of certification for its website (if any) that is linked to a live verification web page informing and reassuring customers that your organization is currently InfoSafe Certified and that their personal information is protected. You are also provided with a printable InfoSafe Certification certificate for your records and to publicly display in your office/business location(s). The seal can also be displayed on your organization’s business cards, letterhead or other materials and other customer communications.

Ongoing Management and Certification
To maintain InfoSafe Certification and ensure ongoing compliance and oversight, we conduct monthly, quarterly and annual checkups, testing, and reviews for your organization.

    •External Penetration Testing
    •Internal Vulnerability Testing (Computers, Servers, Router Checkups)
    •Quarterly Compliance Reviews
    •Full Risk Assessment and Compliance Review
    •Information Security Policy Updates (as needed)
    •Compliance Administration Training Updates (as needed)
    •Employee Training Updates (as needed)

Customer Trust and Public Relations
Because certification is newsworthy, we provide your organization with sample announcement letters, press releases, and messaging for your customers, local media, and other business associates to announce InfoSafe Certification. We also provide simple strategies for leveraging your InfoSafe certification to demonstrate to the public that your organization is a forward-thinking business that proactively protects its customers and employees against identity theft and fraud, creating greater customer trust and confidence, increased sales and repeat business, and more referrals.

Certification gives you critical third party validation that your organization has implemented and maintains the recommended and necessary administrative, physical, and technical information security safeguards required by federal, state, and industry regulations that are applicable to your organization.

(Includes Risk Assessment and Essentials)

Protect Your Business with this FREE Fraud Prevention Checklist!

Business Identity Fraud Protection Checklist_book
Small businesses are under attack more than ever! It's no longer a matter of IF, but WHEN! Nearly 75% of all data breaches today occur with businesses with fewer than 100 employees, and the FBI reports that most victims are forced to close within a year.
  • You'll learn the 9 Critical Things every business owner should proactively do to help prevent your business identity from being hijacked and used by criminals to rip you off and commit fraud in your name.