|
Wilcox Information Security Group
Why Should You Be Interested In The WilcoxISG Services?
Information
Security is the basic principle of ensuring the availability,
confidentiality, and integrity of information assets and the information
systems required to process that information. The explosion of Internet
commerce and technology has changed the business landscape to a continuous
real-time world. Decision-makers have been challenged to rapidly implement
technology that leverages the Internet or face loss of market share and
revenues. It is essential that the implementation of new technology be done
in a manner that maintains the highest level of information security for the
enterprise. The Wilcox Information Security Group was established to provide
complete information security implementation assistance to private industry,
government, educational institutions, and select business partners.
WilcoxISG
offers a combination of services that assist organizations with the
assessment of their information technology security risks and the
development, and implementation of strategies to improve the state of
information security. Our technical support capabilities coupled with our
extensive law enforcement and investigative experience provides our clients
and business partners with a very unique and versatile set of skills.
Learn about
our capabilities and services from the list on the left.
Overview
The Wilcox
Information Security Group is a full service information security and
technology consulting corporation. Our staff has extensive experience in all
aspects of information security spanning a wide range of business sectors.
WilcoxISG business experience includes private sector manufacturing,
professional service industry, healthcare, pharmaceutical, agriculture, law
enforcement, education, and government. Our services include the
implementation of proven information and Internet security technology to
meet critical business needs, along with the implementation of new emerging
technology solutions and the ongoing day-to-day support of critical business
operations. WilcoxISG capabilities cover the full spectrum of project
complexity. We have the skills to address projects that range from large
Fortune 500 implementations to short-term technical support solutions. Our
security services extend far beyond the typical infrastructure components to
the information and decision making level. Our staff includes members with
extensive experience in law enforcement and criminal investigation which,
when combined with our highly skilled technical resources, provides unique
skill sets to address today’s rapidly changing
environment.
Back to the
Top
Corporate
History
The Wilcox
Information Security Group was established by its CEO, H. Spencer Wilcox,
CISA. Since 1994, H. Spencer Wilcox has been the CEO/Owner of TEAM 2000, a
West Michigan information technology consulting and integration company that
has provided leadership and information technology implementation services
for a number of small businesses, middle market organizations, and Fortune
500 corporations. Mr. Wilcox has an impressive reputation of success in the
information systems industry that includes over 30 years of extensive
experience in the field of information security. In addition to a successful
entrepreneurial track record, his experience includes distinguished careers
at Caterpillar and The Upjohn Company (Pharmacia) where his roles ranged
from highly technical system engineering responsibilities to the management
and direction of virtually all information technology missions, including
global corporate information security organizations.
The creation
of WilcoxISG brought together an information security staff whose skills and
experience are both exceptional and very unique in nature. WilcoxISG
includes people with experience in all aspects of information technology,
and individuals with extensive career experience in law enforcement and
criminal investigation. This broad experience base offers WilcoxISG clients
and business partners a comprehensive set of skills to assist in all aspects
of information security implementation. The leadership and project
responsibilities of staff members has included the establishment of Fortune
500 global security programs, security implementation and support of large
complex mainframe systems, mid-range systems, LANs, intranets, wide area
networks, telephone/voice systems, client server configurations, factory
floor automation and extensive application system security interfaces. While
the WilcoxISG service portfolio is currently aggressively focused on the
Internet and information security arena, its track record of excellence
across all aspects of information systems projects is impressive. Staff
members have provided significant assistance to companies and organizations
undergoing fundamental changes in their structures and the way they do
business. Our staff has helped organizations transition through rapidly
changing environments brought about by mergers, acquisitions, divestitures,
changes in government policies, and rapid shifts in the processes that have
an effect on the way an organization must operate. In addition to Mr.
Wilcox, WilcoxISG has a number of staff members who have many years of
outstanding performance in the pharmaceutical industry. The highly regulated
nature of this environment, along with the premium placed on quality
control, adds additional strength to the personnel portfolio of WilcoxISG.
Staff member credentials include CISA, CPA, Ph.D., numerous advanced
degrees, and ongoing technology certifications.
Back to the Top
Audits and Security Assessments
The Wilcox
Information Security Group audit staff is made up of individuals with many
years’ experience in information systems and security auditing. This
experience crosses a wide range of industries and numerous technology
platforms. As active members of leading security and audit organizations, we
are continually exposed to the latest techniques and best practices in the
industry. In addition to addressing industry practices, we maintain our own
methodologies which can be customized to individual client’s needs.
Our own Certified Information System Auditors (CISA) facilitate the
development of our methodologies. Our services also include the review and
evaluation of recent audits that have been performed for your
organization.
Back to the Top
Healthcare Information Technology Security and HIPAA Compliance
The Health Insurance Portability and
Accountability Act (HIPAA) of 1996 will require that virtually all
healthcare organizations conduct comprehensive audits of their information
processing systems and undertake substantial upgrades and new
implementations of complex security systems and procedures. Organizations
that are effected by HIPAA regulations include physician practices,
hospitals, HMOs, pharmacies, pharmaceutical companies, health insurers,
healthcare billing services, nursing homes, mental health clinics, home
healthcare providers and anyone who handles confidential medical records.
The HIPAA security and privacy regulations are expected to go into effect
before the end of 2000, and healthcare organizations will be required to
demonstrate full compliance with the regulations no later than 24 months
after they go into effect. Many of these organizations are ill prepared to
meet the stringent HIPAA requirements. WilcoxISG staff members have
extensive experience in healthcare information systems as well as the
information systems of other healthcare related organizations such as
pharmaceutical manufacturers and health maintenance organizations. We also
have staff with career experience in clinical practice, medical billing and
healthcare administration. WilcoxISG can assemble a team with an in-depth
understanding of both the complex clinical processes and sophisticated
information systems that are required to operate efficient healthcare
organizations. We have studied every section of the HIPAA legislation and
regulations and can provide all types of assistance required to bring any
healthcare organization, from a solo practitioner medical practice to a
large national hospital corporation, into compliance with all the security
and privacy provisions of the Act. We can provide comprehensive HIPAA
compliance audits, gap analysis, HIPAA training, policy and procedure
development, system design services, and systems upgrades and system
implementation services. We specialize in all aspects of the privacy and
security provisions of HIPAA including, physical site security, hardware,
software and network security, administrative policies and procedures, staff
training, and chain-of-trust agreements.
Back to the Top
Investigative Services (Law Enforcement, Fraud/Hacker Investigation,
Etc.)
The Wilcox
Information Security Group has many years of extensive experience in all
facets of information security, crime detection, and law enforcement. Our
skilled investigators are trained to detect intrusions into your system and
provide solutions to prevent future exposures. Using proven methodologies, a
structured approach, and the latest hardware/software tools, our
investigators are able to identify, analyze and preserve computer evidence
related to your information systems. The compilation and preservation of
evidence is critical when civil or criminal proceedings are possible. We
also provide a rapid response and technical support service to customers
that desire continuous intrusion protection services. Also included in our
services is the investigation and assessment of threats posed by internal
hackers or disgruntled employees.
Back to the Top
Internet Security Policy Development and
Review
The Wilcox
Information Security Group staff has considerable experience in computer
security policy development and review. Our audit staff can examine your
current security policy and make recommendations to protect your
organization from both internal and external threats. The 1999 Computer
Crime and Security Survey conducted by the Computer Security Institute and
the FBI reported that 55% of unauthorized access to computer information was
committed internally, with 30% of the intrusions committed by outsiders. A
strong security policy establishes a foundation for employee conduct issues
and minimizes potential corporate liability exposures. WilcoxISG can provide
policy guidance and development services to your organization.
Back to the Top
Legal Consultation
With the
development and implementation of computer and web technologies, information
has become easier to store, manipulate, and convey to others. Computer
networks, databases, and email offer businesses the opportunity to
communicate with greater efficiency, track their business, coordinate their
operations, and even offer their products and services to the world with
minimal expense. While businesses embrace these benefits, they must
recognize that these same technologies create greater confidentiality risks
to their proprietary information. Businesses can expose highly sensitive
materials to their competitors and the general public just as quickly as a
disgruntled employee can click a mouse. The law offers a significant amount
of protection against the misappropriation or unauthorized disclosure of
commercial trade secrets. WilcoxISG can assist your organization with a
review of current approaches to insure that your business is employing the
best legal practices used in the E-commerce community.
Back to the Top
Executive Consultation
The Wilcox
Information Security Group includes senior level consultants who are highly
skilled in the consultation of corporate executives in all aspects of
information security issues. Ongoing consulting relationships directed at
any information security subject can be of significant value to high-level
corporate executives who are trying to fully understand the complexities of
their corporate technologies. WilcoxISG executive consultants can provide a
non-threatening source of common sense information to a corporation’s
key leadership.
Back to the
Top
Internet and Information Security Quality Assurance and
Testing
The Wilcox
Information Security Group quality assurance processes are the result of
many years of development and implementation throughout a variety of complex
technical environments. The skills provided by WilcoxISG staff members
include a complete knowledge of the requirements for compliance, validation
and testing in pharmecuetical GMP/GLP regulated systems, complex integrated
application systems, global networks, process control applications,
information technology infrastructure change management, and many other
highly sophisticated technology environments. These skills also include
designing and building all necessary content, data integration, regression
scenarios, penetration detection, and security into the system when
exposures or invalid processing is detected. Services are also available to
test and validate new products or product upgrades for companies that desire
independent validation of their products.
Back to the Top
Security Engineering
The Wilcox
Information Security Group technical support staff has extensive skills in
all aspects of system engineering and the development and implementation of
complex production environments. These skills allow us to focus on areas of
information security that are frequently overlooked. As an example, many NT,
UNIX, and Linux shops do not perform adequate security logging, reporting
and analysis. Improperly configured logging implementations can create large
logs that hinder overall system performance. Our expertise can assist in
minimizing potential problems without degradation of system performance or
loss of valuable audit trails. Also, when proper logging is implemented at a
site, we have the expertise to interpret cryptic system data and engineer
solutions to prevent potential or active exposures. We will also secure
web-application servers to prevent unauthorized access by unknown hosts and
users. These engineering techniques help to ensure that only authorized
personnel and security administrators can alter programs, view information,
and change security information.
Back to the Top
Research and Development
Due to the
rapidly changing nature of information security challenges, it is critical
that today’s service organizations continually commit to extensive
research and development investments and project staffing. WilcoxISG
provides its customers and business partners with the necessary resources
and project management skills to address all levels of this important
mission. Our services include new and existing product development and
evaluation, joint venture product development, testing laboratory
capabilities, professional organization leadership, and integration of new
products and application functions.
Back to the Top
Corporate Information Security Program
Development
Members of the
Wilcox Information Security Group staff have in-depth backgrounds in the
development of corporate information security programs in Fortune 500 and
various other successful corporations. Their experience ranges from the
development and implementation of total corporate information security
programs to the re-engineering and enhancement of existing programs. Our
program development services can provide your organization with the ability
to support information security requirements with your own staff members or
we can design a program in which you maintain full control while leveraging
cost-effective external resources.
Back to the Top
Security Administration
Services
The effective
execution of a company’s security administration program requires the
allocation of skilled and often full-time dedicated staff resources. The
Wilcox Information Security Group can assist companies in establishing
effective security administration practices (password administration, log
file review, etc.) and with personnel backup or peak period assistance that
is normally required throughout a company’s annual staff
management.
Back to the
Top
Education and Training
The Wilcox
Information Security Group offers comprehensive custom training programs
designed to meet the unique needs of our clients. Our experienced staff will
provide the tools and instruction needed to address information security
issues in today’s business environment. Corporate businesses and
government agencies are rapidly facing new challenges and security exposures
with the implementation of E-Commerce systems. WilcoxISG personnel are
continually developing new educational programs to assist our clients with
their specialized information security needs. Training seminars and onsite
programs are available.
Back
to the Top
Security and Application System
Integration
The
development of new web-enabled technologies is offering businesses a
multitude of opportunities to broaden the scope of their services and
products, communicate more effectively, and save money in the course of
their operations. The Wilcox Information Security Group’s experience
in developing applications, combined with its ability to support reliable,
fast, and secure information access across multiple organizational
functions, readily positions WilcoxISG to assist clients with application
security-related needs. WilcoxISG has significant experience in the
implementation of packaged and custom application business solutions. This
diverse experience and success in this business segment enhances our ability
to implement security across integrated applications and technology
platforms.
Back to the Top
Business Partner Initiatives
The Wilcox
Information Security Group is continually developing new business
relationships with other information technology service providers. These
business relationships include teaming together on complex projects, joint
ventures, acquisitions, and product support alliances. Our depth of
knowledge in Linux, Unix, NT, and other current technologies enables us to
be very versatile with regards to business alliances and joint initiatives.
We strongly encourage other service providers (firms or individuals) to
contact us to explore potential business opportunities. We currently do not
represent any vendor’s product; however we are postured to move
aggressively in this direction as products emerge that fit our extremely
high quality service level requirements.
Back to the
Top
|
