Archives for 


Why Do A Risk Assessment

home-riskIf you are a healthcare professional you are already aware that meaningful use compliance requires something called a “Risk Assessment”. If your business is not healthcare based, you might find it surprising that a Risk Assessment can be just as crucial to your business as it is to those healthcare firms who are required to do it.

What is a risk assessment? In short it is a form of audit, in which the security of your facility, infrastructure (including network), systems and most importantly data is tested . It is then compared against industry best practices as well as any regulatory requirments and a detailed report is issued showing deficiencies and needed remediation in order to meet or exceed legal, regulatory and best practices requirements. In addition you will be presented with details on the existing vulnerabilities and threats that could result in a data loss event.

The risk assessment preformed by Finao LLC. is an in-depth evaluation of your business’s security from the lighting in the parking area, to the network firewall and everything in-between. Taking a holistic approach, and a framework based on HIMSS and NIST guidelines and enhancing it with Finao LLC’s half century of combined IT and INFOSEC experience, we provide a truly in-depth and comprehensive risk assessment.

What value aside from meeting regulatory compliance will your business or practice receive from a Finao Risk Assessment?

1. Peace of mind that potential data security vulnerabilities are found and solutions offered to eradicate them.

2. A true analysis in an easy to understand format that provides you with the most likely risks for data loss AND various option to mitigate these risks.

3. Cost savings in potential fines and bad publicity due to a data breach.

4. In the event of legal proceedings, the ability to prove due diligence through best practices.

5. Confirmation that your Information Technology related vendors are keeping you compliant.

6. Discovery of potential abuse and/or prohibited activities by employees or vendors.

In closing, a yearly Risk Assessment when properly performed will provide the practice or business manager not only a realistic view of their firms exposure to risk of data or physical security breach but also provides a legal shield of due diligence and a fantastic base-line for future growth and planning.


Click Here to Contact Us for more information on how FINAO can help you with a Risk Assessment 

Viruses for Everyone

 There was a time when you could use your computer how ever you wanted and you never had to worry about a virus. Computer viruses in some form have been around since the 70’s. The first computer viruses were written more as pranks than to be malicious. Continue reading →

Should I Open that e-mail?

 I get asked questions about opening e-mail attachments just about every day. Someone asks if they should open the e-mail that they got from a friend that claims it is the funniest, cutest, most important e-mail ever. It is a high risk low reward choice to open that e-mail. Continue reading →

Firewall Monitoring, is it for you?

 Barely a day goes by that you don’t see, read or hear a news story declaring the latest big business or government entity that has fallen victim to hackers or data thieves. The scarier truth is, that its not only big companies that are targets, even small firms can become the unknowing focus of attention of a hacker or disgruntled employee. Continue reading →

The Importance of Off-Site Backup

Is your data truly “Backed Up”? If you are only using tape or hard disk backup, then the answer is no. Before the terrorist attacks of September Eleventh, 2001 most business’s were completely comfortable having a backup tape rotation and someone from the office taking a nightly backup home. After 9-11 however, more managers and […] Continue reading →