A comprehensive security assessment and certification program from Verizon Business is aimed at helping small to medium-size businesses better assess and manage their security risks associated with protecting sensitive company information, according to a Verizon announcement. The company’s Security Management Program (SMP) Business helps proactively protect businesses from security threats by leveraging a set of practices to evaluate a company’s security posture and recommends ways to cost-effectively improve security and ease compliance with industry regulations.
Verizon’s SMP Business is available in two offerings: SMP Business Onsite and SMP Business Remote. Through the Business Onsite service, Verizon security experts analyze security controls (including wireless assessment, physical inspection and internal risk assessment) at the customer’s location while remotely validating additional controls (process and procedure validation, policy review, desktop assessment, payment card industry vulnerability scans and e-mail filter checks). Via the SMP Business Remote service, Verizon security experts perform many of the same basic security activities as those offered by SMP Onsite, performed remotely.
According to industry experts, poor security can result in lost data, customers and money. The company’s 2009 Data Breach Investigations Report found that mid-sized businesses are highly vulnerable to attack, with more than 50 percent of breaches occurring in organizations with fewer than 1,000 employees. Additionally, one-third of breaches studied came from companies with fewer than 100 employees.
“Midsized businesses face the same security risks as large enterprises, but often have far fewer resources to devote to security,” said Carrie Gray, executive director of medium business marketing for Verizon Business. “As one of the most mature security programs in the industry, Verizon SMP offers the expertise and the tools needed to enhance a customer’s security posture. This new service leverages the know-how from Verizon’s long-standing SMP practices and tailors it specifically to meet the needs of medium-sized businesses.”
SMP Business Onsite customers can also pursue an SMP Certification, which must be either maintained or renewed annually. The certification validates that an organization’s information-security controls, policies and procedures have been examined, measured and validated against key controls of the internationally recognized ISO 27002 information security standard. SMP Business comes complete with a user-friendly Web portal that lets businesses view, manage and report on key aspects of their security program including their task and compliance status.