RISK AUDIT
SCANNING
How much money could a data breach cost you and your company?
WHAT IS A RISK AUDIT SCAN?
​
It starts with a software system that you download on to your PC or Laptop, similar to how you would download an anti-virus software. After its downloaded, the software will scan your computer (Including shared drives, end-points and cloud-based, hosted services like Dropbox, Google Drive and Microsoft One Drive) for the presence of unsecured vulnerabilities. The scan provides relevant, actionable and timely intelligence to help organizations understand the various internal and external risks that can lead to a data breach. Based on the amount of risks or vulnerabilities that the software detects, it will then calculate a liability amount in dollars from a algorithm designed specifically for determining risks. This will help a company determine where the risk is coming from and how they can amend these issues, where to put their focus, as well as security implementations to reduce risk of a data breach.
​
WHAT IS RISK AND HOW IS IT DETERMINED?
​
The basis to determining risk is information. Every company has some type of proprietary information stored on their computers and most of the time it's the fundamental backbone of the company. Whether it is client and employee personal data, payment data, trade secrets or even company financial data, there is sensitive information that you do not want outsiders to have access to. The sensitive information can be found on laptops, PCs and even mobile devices like tablets and smartphones. We want to find out how accessible this information is to outside threats like hackers and viruses to determine the liability of the company.
​
TYPES OF SCANS:
​
​​
​
​
THE DATA BREACH RISK SCAN
It combines sensitive data discovery and vulnerability scanning with industry data to determine your breach risk in dollars.
This scan looks for:
-
Personal Identifiable Information (PII)
-
Credit Card information
-
Social Security numbers
-
Date of Birth
-
Automatic clearing house (ACH)
-
Driver License
-
Access permissions and Vulnerabilities
​
How is risk calculated?
(Data*Avg) x (Permissions)x (Vulnerabilities) = Liability $$
THE VULNERABILITY SCAN
The vulnerability scan performs a complete assessment to determine any known vulnerabilities that exist and can lead to compromise. Vulnerability severity are rated according to industry standard CVSS (Common Vulnerability Scoring System) methodology and are identified using both CVE (Common Vulnerability Enumeration) and the associated vendor bulletin id’s.
​
This scan looks for:
-
vulnerabilities in applications
-
vulnerabilities in the operating system
THE PCI COMPLIANCE SCAN
Used to satisfy the internal data scanning requirements of the Payment Card Industry (PCI) standard. This compliance framework was brought forth by the major payment card issuers VISA, MasterCard, American Express to help reduce the number of breaches where large numbers of payment card data was being exfiltrated and sold on the black market, causing billions of dollars in fraud.
​
This scan looks for:
-
PCI Compliance
-
Credit Card Primary Account Number (PAN)
-
Vulnerabilities
HIPAA COMPLIANCE SCAN
This law was designed to help improve the portability and continuity of insurance coverage, to combat fraud and waste in health insurance and define national standards for electronic healthcare transactions and national identifiers for providers, plans and employers.
​
This scan looks for:
-
Medical Record Number
-
Date of Birth
-
Social Security number
-
Credit Card numbers
-
email address
-
vehicle identifiers
WHAT DATA IS AT RISK?
WHO HAS ACCESS TO THE VULNERABLE DATA?
HOW CAN HACKERS COMPROMISE THE DATA?
WHAT WOULD A DATA BREACH COST MY BUSINESS?
UNPROTECTED DATA SUMMARY EXAMPLE
We want you to understand how a hacker could compromise your data. Here are the results of a real laptop that had a Risk Audit Scan. Note that the count on the table below describes how many times the information was found in a different place in the machine or on different websites. This could be the same credit card information or date of birth for example, but how many times it was stored in a different location. The more locations that your information was stored, the greater the risk for a data breach, and thus the greater amount it could cost you if that were to happen.
​
​
Discover Credit Card
Visa Credit Card
Social Security Number
Date of Birth
MasterCard Credit Card
American Express Credit Card
Driver's License
1
32
58
17
69
7
4
Potential Liability
$37,788.00
31,671
Files with Violation
69
Files Scanned
Elapsed Time
10 minutes, 58 seconds
Total Violations
168
CONTACT US TO LEARN MORE
To contact us about Risk Audit Scanning or to learn more please leave your information below. We would love to answer any questions or set up a no cost/ no obligation consultation to discuss the risks and options that are available.
​
Ask us about the individual scans that can help keep your data safe:
-
Data Breach Risk Scan
-
Vulnerability Scan
-
PCI Compliance Scan
-
HIPAA Scan
​