Like all employees in the financial services field we have to deal with the security practices implemented by the SEC. These services can be very costly if you try to do it yourself because having even the smallest violation can cost your company millions of dollars and even jail time. Since being hired here at Martin & Son’s I’ve had the responsibility of keeping our office secure while trying to keep the costs down. This can be very tricky because in order to keep the cost down we hired a second set of eyes to assist me with keeping our data protection up to SEC regulations instead of hiring an outside company because I thought they would charge too much money.
A few months ago I was talking with a friend of mine at a different financial firm and we were discussing how we each have to deal with the SEC regulations and the methods in which we protect our companies. However, once I told him what I was doing to protect our company he informed me that he too used to protect his firm that way and then he came across a company called the Tech Info Group based of Los Angeles that works with companies to protect their firms by keeping their data secure. He told me that from the first time he had contact with them it has been nothing but great customer service and help. He demanded that I give them a try.
The next day I called and told them my situation. They said they had a ton of experience in helping companies just like mine and they would come out to do an analysis of our current security protection. The next day they arrived with all of their equipment and ran an analysis of the server and network. What came back shocked me. Even though I thought I had been running the latest in security protection, they showed me a report that was 5 pages long with breaches in the network and loopholes that a hacker can sneak into and steal company data and information. This was very disturbing because if something had happened I would have cost my company millions in fines along with the possibility of jail time.
The Tech Info Group told me not to worry that they can have my network safe and secure quickly. They also informed that even though they are based out of Los Angeles they can monitor everything in my system remotely and they can prevent any security breaches from occurring prior to them happening with their off-site monitoring service. This made me feel so much better. They even helped me save money on the upgrade of my server and network by using their connections to third party vendors to drive down the price.
I was a little skeptical about turning over the security of my company to an IT consulting firm because I was worried about cost. Once they showed me how they would be able to save me money by working with their partners and driving the price down on servers and networks I wanted to know what it would cost me to monitor my system and to make sure that I am constantly up to SEC regulations. The service sounds great but it sounded like it could be pricey. They eased all my concerns and convinced me that by using them as my consultants I would save money.
I wanted to let everyone know about my wonderful experience I’ve had with them and urge others to find a suitable company to protect your network. I have been using them for 3 months now and have had nothing but great experiences when I had to deal with them on the phone or for them to fix any problems our company may have. I am very happy my friend recommended me to them and I hope someone who reads this can share in my excitement with The Tech Info Group. You can check them out at www.thetechinfogroup.com
FYI to everyone:
Sarbanes-Oxley IT Compliance
With SOX penalties and fines as high as 20 years in prison and up to $15 million it is imperative that you are responsible in how a financial company stores large volumes of data, and the speed in which you can access this data. To successfully sustain SOX compliance, organizations must implement best practices to ensure IT systems not only achieve a known and trusted state but they also maintain said state. Management must be more accountable and aware of the need for a continuous and proactive operational risk management environment that recognizes the links between its technology infrastructure, business processes, compliance, and internal controls.