Security Solutions

Providing you with a suite of security services from assessments, to testing, to compliance services!

Mercury

Security

Security Seminar

Through a customized course on security, Mercury Z can create a seminar that focuses on your organization’s needs.

This can be educational for all employees, or specifically catered towards executives through a separate class. We can cover a variety of topics, including phishing or pretexting, among many others.

Mercury Z’s seminar can be delivered on-site with a session in the morning, and another in the afternoon. The Mercury Z Security Consultant delivering the seminar will be available between sessions to answer any general security questions. A video of the seminar can be recorded and customized with the corporate logo and an executive introduction. This can be used to facilitate remote worker training, new hire, and future training/refresher purposes.

Social Engineering

Social engineering network intrusions rely heavily on human interaction.

Your organization’s employees may be unknowingly breaking normal security procedures by providing sensitive data to a hacker. In today’s evolving and ever-changing technology landscape, it can be difficult to navigate and uncover all the different types of social engineering. Mercury Z’s social engineering services can test and assess your organization’s employee security awareness and compliance. Mercury Z then provides a report on the findings so that your organization can take steps to improve security through education and training.

Email Phishing Service

Mercury Z provides you with an email phishing service whereby a prepared email is sent to employees to test their awareness and reactions in an attempt to gain privileged information from them.

Hackers typically achieve this by pretending to be a trustworthy entity, and using misleading emails or hypertext that links to a false website.

The Mercury Z Process:

Consultation – working with Mercury Z to determine the ‘targets’ (departments, employees, executives, etc.)
Create the email – agree on the content and layout of the email to be sent
Create authentication server – a custom webpage is prepared to collect all of the responses to the email
Send the email – the prepared email is sent and the server then captures actions and credentials as provided
Delivery of report and follow-up discussion – a report of the number of responses and the information they contained is compiled by Mercury Z and then presented to the client. Through a consultative process, Mercury Z discusses the issues presented in the report and makes suggestions for improving security. Typically, a security seminar for training and further education is highly recommended

Pretexting Service

Pretexting is a king of social engineering whereby a hacker uses non-technical methods to manipulate an employee into providing secure credentials.

This is typically done by creating a scenario where the hacker pretends to be in a position of authority and attempts to trick an employee into providing confidential information. To combat this risk, Mercury Z provides a Pretexting service that establishes a scenario to test employees. This allows you to better assess your organization’s exposure to this kind of risk, as well as educating employees into adopting a more risk-aware mindset

The Mercury Z Process:

Consultation – working with Mercury Z to determine the ‘targets’ (departments, employees, executives, etc.)
Create the email – agree on the content and layout of the email to be sent
Create authentication server – a custom webpage is prepared to collect all of the responses to the email
Send the email – the prepared email is sent and the server then captures actions and credentials as provided
Delivery of report and follow-up discussion – a report of the number of responses and the information they contained is compiled by Mercury Z and then presented to the client. Through a consultative process, Mercury Z discusses the issues presented in the report and makes suggestions for improving security. Typically, a security seminar for training and further education is highly recommended

Risk Assessment & Gap Analysis

Operating in an industry that is subject to regulatory standards can put a great deal of pressure on network professionals and businesses to ensure all physical and IT systems are in compliance.

Whether it’s a Risk Assessment & Gap Analysis, HIPAA, PCI, GLBA, IATPM, SOX, or other standards, if a business fails an audit, they can be subject to thousands or even millions of dollars in fines.

A compliance review and gap analysis through Mercury Z’s Security Services can ensure that your business is thoroughly prepared for an audit. Mercury Z will take you through a step-by-step process to reviews your systems, policies, and procedures to verify that you meet the requirements for the compliance standards that you need to meet. Mercury Z assesses the level of risk and provides you with a report containing a detailed gap analysis, including suggested steps to take for remediation.

Web Application Testing

Web applications run 24×7 offering data to customers, suppliers, employees, and anyone else who interacts with your company online.

Because of their vast reach, hackers often seek to exploit them – plus they are often weak points in your enterprise security. If hackers obtain access to web applications, they can have the ability to view back-end data on customers, and your company and employees. The level of data they could access through a vulnerability in your web application can range from company financial details, employee security passwords, or even your end-customer’s sensitive identification data.

Experts in security at Mercury Z are fully trained to help you identify the weak points in your web application via our Web App Testing solution. This is a full-scale security analysis of your web application to determine the network’s risk of web intrusion. In addition to assessing your network’s potentials for risk from a web application, we prepare a full step-by-step report for remediation so you can go in and fix the areas of vulnerability.

Have a Project for us?

No project is too big or too small for MercuryZ. We’d love to learn more about your project and how we can help!