Assessment & Compliance 

​Many organizations understand that they need to do more in terms of security but don't know how to accomplish this and what to focus on first. LCM works with our customers to implement a security process.  The first step is a security assessment that gives a clear project-based approach to accomplishing this. LCM delivers a Security Assessment that can be used to remediate present vulnerabilities, create a baseline and framework for an ongoing security process without compromising or limiting scope in a cost effective and measureable manner. Using a compliance approach (recommending PCI) that has very well defined policy and process requirements will assess the security of critical and confidential data and systems. This is done using the compliance requirements as an ongoing security program to ensure that remediation efforts are ongoing not as a short-term fix resulting from the assessment. This approach results in a focused and prioritized remediation to protect the critical information and define scope around this critical information. A security budget can be developed with measurable goals against a defined standard to protect the critical data.  ​​​

PCI Assessment Services 

Understanding and implementing the requirements of PCI DSS can seem daunting, especially for organizations without a compliance officer, dedicated IT security staff, or a large IT department. PCI DSS will result in good security infrastructure and effective security processes to protect both cardholder and sensitive data as defined by your organization. 


Although PCI compliance does consumes time, resources and money, LCM’s approach is to make compliance core to your business, which eliminates risks including fines, legal fees and lost business. Implementing PCI DSS is part of a sound enterprise security strategy, which requires making this activity part of your ongoing business plan and budget. 


An organization that doesn’t store cardholder data can also benefit from LCM’s approach by creating sound security infrastructure, policies and processes. ​

Security and Compliance 

LCM Security is pleased to offer an efficient and affordable PCI Service that will see your PCI assessment through a systematic approach as outlined below. 

  • Gap Analysis 
  • Detailed Project Plan 
  • Policy and Process Development 
  • Network Segmentation 
  • Architectural Review: to reduce scope and isolate cardholder and sensitive data 
  • ASV Scans, Internal and External Scans, Pen-Testing 
  • Remediation Assistance and Project Management: all necessary technologies 
  • QSA Certification 
  • Ongoing Vulnerability Management, Reporting and Monitoring


By following these proven steps, your organization will meet your security and compliance requirements on time and on budget. 

Vulnerability Assessments 

Effectively Secure Business Assets, Plan Risk Management, Control Costs and Justify Budgets 

Based on ISO 27001 standards, a vulnerability assessment provides access to engineers with industry certified credentials who can lead organizations through complex security issues. By examining 133 security controls, LCM Security's senior security consultants prepare accurate, actionable information to identify specific network security vulnerabilities within a fixed price service. It delivers security planning tools in the form of a remediation plan, heat card and security scorecard. Results based on risk to your business will build your security and technology roadmap in order to manage resources and budgets, establish priorities, and control and justify costs, Vulnerability assessments will prevent financial loss caused by fraud (hackers, extortionists and disgruntled employees) or through lost revenue due to unreliable business systems and processes.  

LCM Security Assessment Methodology 

Features & Deliverables 

Framework 

  • ISO 27001-2 Standard Controls 
  • Industry and Security Best Practices  


Scope  

  • Applicable Controls Matrix  
  • Asset Risk Profile  


Information Gathering 

  • Architectural Review 
  • Vulnerabiliry Scan  
  • Penetration Test   


Analysis 

  • Technical Support  
  • Summary Support  
  • Gap Analysis  


Results  

  • Security Control Scorecard 
  • Security Technology Roadmap 
  • Detailed Remediation Plan 
  • Senior Security Specialists provide and in-depth analysis of vulnerability data.  
  • Superior combination of industry-leading security scanning tools. 
  • Standards based examination of 133 controls from ISS 27002-2005.  
  • Prioritizing risks discovered and definition of immediate actionable items 
  • Specialized reports for both executive and technical audiences. 
  • Security planning scorecard and remediation roadmap.  
  • Clearly outlined responsibilities and detailed stapes to remediate vulnerabilities.