Information SecurityProtecting your most sensitive data
Information Security Services
Risk Management & Compliance
GraVoc helps your organization drive value out of it’s security investments and ensure compliance with federal, state, and industry regulations. Our goal is to help you identify potential risks and mitigate breaches/losses.
- Program Development
- Risk Assesment
- Disaster Recovery/Business Continuity Planning
- Social Engineering Testing
- Digital Forensics & Incident Report
GraVoc’s IT assurance services help you identify, understand and resolve configuration and security vulnerabilities before they are exploited by real-life attacks. Our expert team of Information Security consultants use sophisticated technology tools to scan and identify potential risks to your information system environment.
- External Penetration Testing
- Internal Network Vulnerability Assesment
- Wireless Security Assessment
- Web & Mobile Application Testing
Certified Information Systems Auditor
Certified Information Security Manager
Certified Information Systems Security Professional
Cisco Certified Network Associate Security
Certified Ethical Hacker
Microsoft Certified Professional
Certified in Risk and Information Systems Control
EC-Council Certified Incident Handler
Silent Hack Attacks
We examined how stealthy a silent hack attack can be by creating an RFID hacking device that can wirelessly and silently steal data from 3 feet away. Once the data has been obtained it is then stored on a microSD card built into a HID MaxProx device, which is an antenna. This is then transferred to a computer and copied onto a re-writeable RFID card using a tool called the ProxMark3, in essence effectively creating an exact duplicate of the card that was stolen silently and wirelessly.
Auditors/Independent IT, Gold
Awarded 2011, 2015, 2016
Banking Technology, Silver
Awarded 2015, 2016
“Our experience with GraVoc’s information security practice has certainly been a positive one. We have been working with GraVoc since 2005 and, year after year, they continue to help us improve our overall IT and information systems infrastructure. Best of all, GraVoc is willing to adapt their scope and methodology to meet our needs.”
“GraVoc’s IT assurance services helped us and our vendors to discover and address potential vulnerabilities in our LAN/WAN environment. As a result, our overall network infrastructure is more secure and better prepared to face emerging threats.”
“GraVoc’s IT audit services are just as they claim: thorough and fair. With GraVoc’s expert analysis and unique approach to the audit function, we are confident that risks related to our IT operation are prioritized and addressed appropriately.”
The FFIEC Issues a FAQ Guide on the Cybersecurity Assessment Toolread more
GraVoc is seeking a Senior Information Security Consultant for our growing Information Security practice. Please see qualifications.read more
On September 9, 2016, the Federal Financial Institutions Examination Council (FFIEC) released a revision of its IT Booklet on Information Security.read more
Decrease your chances of becoming a victim of cyber-crime while on vacation or on the go.read more
How safe are the new chip-based credit/debit EMV cards? As our country adapts to these new payment changes, researchers are finding flaws within them.read more
New approaches to cybersecurity will affect banks in the U.S and other publicly traded companies.read more
GraVoc is a technology-consulting firm located in Peabody, Massachusetts just north of Boston. GraVoc is committed to solving business problems for customers through the development, implementation, and support of technology-based solutions.
"One Company, Many Solutions"