The Healthcare Industry


Work with Mercury Z for network engineering services, security, and many other solutions dedicated to the healthcare sector!

Security Services for Healthcare

With increasing electronic storage, transfer, and maintenance of healthcare information, healthcare providers and enterprises operating in the healthcare industry, have to ensure that all data is kept secure. Mercury Z offers a range of security services to guide healthcare entities in identifying any vulnerabilities in their systems, and meeting regulatory standards as required.

Mercury Z offers a HIPAA Compliance service, whereby one of our HIPAA experts guides you through the process of meeting government-set requirements to keep private healthcare information secure. We also provide Vulnerability Assessments, Penetration Testing, Social Engineering Services, among others, to help you identify any vulnerabilities in your network, systems, or personnel, and make recommendations for remediation.

Mercury Z HIPAA service

Mercury Z provides a HIPAA service to help you ensure that in case of an audit, your business can prove that you have done your due diligence to meet the HIPAA standards set by the government. Through a consultative approach, you can gain a more thorough understavnding of what the HIPAA rules entail and what your business needs to do in order to meet these standards, and you will be guided through the process step-by-step by an industry expert.

The Mercury Z Process - HIPAA Privacy & Security Service:

  • Consult with our HIPAA expert to determine your requirements.
  • Send current HIPAA related polices to our expert to review.
  • Through a HIPAA Risk Assessment, our expert will conduct an audit which will address HIPAA’s security standards to see where your company currently stands.
  • Our HIPAA expert will conduct an on-site visit to verify whether current policies are being followed, and conduct an audit of the HIPAA Security Rule.
  • Our HIPAA expert will conduct external security scans, and assess your IT infrastructure security.
  • A report will then be produced by the expert detailing the results of the risk assessment with recommendations on what measures to take in order to be compliant. As well as providing a signed certification of completion, our HIPAA expert is also available to produce custom policies for you as an additional service, to meet HIPAA standards.

Learn More About Security Services!



--
Security-Services-for-Healthcare

Work with one of our trusted experts to become HIPAA compliant:

My goal is to make HIPAA very easy to understand with a step-by-step approach. Times have changed and new laws are now in place concerning HIPAA Privacy/Security, the best way to protect your practice or your business is to be proactive instead of reactive.
-Brian Tuttle, Certified HIPAA Professional, CHA, CPHIT, CBRA, CISSP, CCNA

Vulnerability Assessment / Scan (Tier 1)

Mercury Z provides you with a scan of your network to identify any vulnerabilities in your current state. By revealing what these vulnerabilities are, you will be in a better position to assess the level of your current security and make more informed decisions as to what improvements need to be made.

The Mercury Z Process:

  • Internal and/or external scan of each IP address/Live Host in the test plan (computers, networks, webapps/servers) – internal scans via appliance located within client network
  • Close-out report that ranks vulnerabilities from critical to low, and recommendations for remediation of vulnerabilities

Penetration Testing / Ethical Hack (Tier 2)

Mercury Z conducts a Vulnerability Assessment plus a deeper investigation, with an attempt by a certified ethical hacker to exploit identified vulnerabilities.

The Mercury Z Process:

  • Identifies vulnerabilities that are difficult to detect with automated scanning tools
  • Tests the client’s security tools by exploiting identified vulnerabilities in real-world attack vectors to attempt to gain unauthorized access to internal servers/applications
  • Attempts to escalate exploited privileges and attempts password cracking
  • Close-out report

Social Engineering Services

Email Phishing Service

Mercury Z provides you with an email phishing service whereby a prepared email is sent out to the client’s employees to test their awareness and reactions to an attempt to gain privileged information from them. Hackers typically achieve this by pretending to be a trustworthy entity, and using misleading emails or hypertext links to a false website.

The Mercury Z Process:

  • Consultation – working with Mercury Z to determine the ‘targets’ (departments, employees, executives, etc.)
  • Create the email -agree on the content and layout of the email to be sent
  • Create authentication server -a server is prepared to collect all of the responses to the email
  • Send the email -the prepared email is sent and the server then captures responses
  • Delivery of report and follow-up discussion -a report of the number of responses and the information they contained is compiled by Mercury Zand then presented to the client. Through a consultative process, Mercury Z discusses the issues presented in the report and makes suggestions as to potential steps to take to improve security. Typically, a security seminar for training and further education is highly recommended.

Pretexting Service

Pretexting is a king of social engineering whereby a hacker uses non-technical methods to manipulate an employee into providing secure credentials. This is typically done by creating a scenario where the hacker pretends to be in a position of authority and attempts to trick an employee into providing confidential information. To combat this risk, Mercury Z provides a Pretexting service that establishes a scenario to test employees. This allows you to better assess your organization’s exposure to this kind of risk, as well as educate employees into adopting a more risk-aware mindset.

The Mercury Z Process:

  • In consultation with a Mercury Z Consultant, discuss specific areas to target, which can include finance, operations, and HR among others.
  • The Mercury Z Consultant will learn about your business from you and information freely available in the public domain, which will be used to develop a call scenario to attempt to obtain privileged information.
  • Following the completion of the Pretexting service, you will be sent a report detailing those who have failed the test and the ID/PWD combinations that were given.

Social Engineering Security Seminar

Through a customized course on security, Mercury Z can create a seminar that focuses on your organization’s needs. This can be educational for all employees on the subject of Social Engineering (email phishing, pretexting, etc.). It can be specifically catered towards executives through a separate class if requested.

Mercury Z’s seminar can be delivered on-site with a session in the morning, and another in the afternoon. The Mercury Z Security Consultant delivering the seminar will be available between sessions to answer any general security questions. A video of the seminar can be recorded and customized with the corporate logo and an executive introduction. This can be used to facilitate remote worker training, new hire, and future training/refresher purposes.

Other Security Services

Risk Assessment & Gap Analysis

Mercury Z provides a risk assessment and gap analysis service for businesses operating in the data center industry or operating data centers in other industries, to ensure that they meet the correct regulatory standards that is required of them. Whether it’s HIPAA, PCI, or other standards, if a business fails an audit, they can be subject to thousands or even millions of dollars in fines. A compliance review and gap analysis through Mercury Z’s Security Services can help you to make sure that your company is prepared. Mercury Z will take you through a step-by-step process that reviews your systems for compliance, assesses the level of risk, and provides a report with a detailed gap analysis with steps for remediation.

Web Application Testing

Mercury Z’s Web Application Test is a multi-tiered effort building upon the vulnerability and penetration testing of the physical server and its software. This test provides confirmation that the development of an application has not introduced any additional vulnerabilities based upon the coding. Mercury Z can perform a full-scale security analysis of your web applications to determine your network’s risk of web intrusion. You will also receive recommendations on how to remediate any vulnerabilities.

Wireless Security Testing

A Wireless (WiFi) Security Assessment through Mercury Z analyzes your network’s wireless infrastructure and tests for potential vulnerabilities so you can be aware of potential back-door intrusions. In order to ensure that your network is better protected from newer and more improved methods of hacking, a wireless security testing service will allow you to expose these potential threats. An additional area of concern includes the introduction of “rogue” or unauthorized Access Points (APs) to the environment. These rogue APs are not subject to the same controls as the authorized ones and therefore represent a significant risk. Mercury Z’s Wireless Security Testing locates these and enables you to have them removed.

Forensics

Network forensics monitors and analyzes computer network traffic to gather information, legal evidence, and intrusion detection. When cyber intrusions occur, Mercury Z can place a certified network security expert on your team to conduct a thorough investigation to discover the source of the attacks or other problem incidents. We can help guide your organization to a safer and more protected presence on the web.

Get in Touch!

Telephone: (919) 439-5000
Email: info@mercuryz.com
www.mercuryz.com
1150 SE Maynard Rd
Cary, NC 27511

facebook linkedIn facebook

redlogo100