Information Security Services
Value of Our Services
- Reduces the cost of security by aligning investments with business needs
- Fixes business problems
- Identifies needs and risks
- Provides plan of action and resource needs
- Operationalizes needed foundational programs
- Reduces exposure
- Helps you meet regulatory needs and ensures that you can make good on your privacy statement
- Enhances business trust relationship
Service Approach and Overview
Onsett specializes in the development of a Comprehensive
Information Security Program (CISP). We deal with Information Security as more
than just a technology problem or a privacy statement; we deal with it as the
business problem of effectively managing risk. Effective information security is
provided by developing, enforcing and maintaining safe computing practices along
three fronts: technical infrastructure, process, and people.
We specialize in helping C-level managers (CISO, CIO, CTO,
etc.) in large companies solve tough information security problems, creatively
and pragmatically. Onsett's experience with operationalizing and
institutionalizing information security programs (making things happen and
making them stick) provides a strategic advantage to Information Security
leaders as they juggle tactical issues.
Onsett's information security consulting services include:
- a virtual Chief Information Security Officer (vCISO) role
- a highly prescriptive enterprise-level Information Security Assessment (not a technology-centric "perimeter scan" or a financial audit addendum) to establish an "as-is" baseline from which strategic plans are made to get you to your desired "to-be" state
- a Roadmap to operationalize programs, especially those required for regulatory compliance and to accommodate strategic business plans (e.g., Gramm-Leach-Bliley (GLB), Health Insurance Portability and Accountability Act (HIPAA), and e-business initiatives)
- an Incident Response Program
- a Due Diligence Assessment Framework to assess the Information Security effectiveness of your partners (GLB and HIPAA requirement)
- a Security Administration Framework to provide a centralized approach to the distributed management of application-level credentials
- a Security Development Framework to ensure the security of high-risk software applications you're developing
- a Self-Assessment Framework to assess the Information Security effectiveness of legacy and commercial systems and applications
- a Services Directory to transform Information Security technical services into business services
- Awareness Programs
Our experience and approach to enterprise-level Information
Security provide an effective force multiplier and trusted advisor relationship
to large companies as they continue to mature their Information Security
programs and organization.
For more information, please email infosec@onsett.com or call +1 617.577.9130, dial 1 232.