Information Security

Protecting your most sensitive data

Information Security Services

Risk Management & Compliance

GraVoc helps your organization drive value out of it’s security investments and ensure compliance with federal, state, and industry regulations. Our goal is to help you identify potential risks and mitigate breaches/losses.

 

  • Program Development
  • Risk Assesment
  • Disaster Recovery/Business Continuity Planning
  • Social Engineering Testing
  • Digital Forensics & Incident Report

IT Assurance

GraVoc’s IT assurance services help you identify, understand and resolve configuration and security vulnerabilities before they are exploited by real-life attacks. Our expert team of Information Security consultants use sophisticated technology tools to scan and identify potential risks to your information system environment.

 

  • External Penetration Testing
  • Internal Network Vulnerability Assesment
  • Wireless Security Assessment
  • Web & Mobile Application Testing

IT Audit

GraVoc’s IT audit services provide an independent and objective review of IT infrastructure, control configuration and regulatory compliance through in-depth testing and expert analysis.

 

  • Compliance Gap Analysis
  • IT General Controls Audit
  • IT Audit

Certifications

CISA

Certified Information Systems Auditor

CISM

Certified Information Security Manager

CISSP

Certified Information Systems Security Professional

CCNA Security

Cisco Certified Network Associate Security

C|EH

Certified Ethical Hacker

MCP

Microsoft Certified Professional

CRISC

Certified in Risk and Information Systems Control

E|CIH

EC-Council Certified Incident Handler

Silent Hack Attacks

We examined how stealthy a silent hack attack can be by creating an RFID hacking device that can wirelessly and silently steal data from 3 feet away. Once the data has been obtained it is then stored on a microSD card built into a HID MaxProx device, which is an antenna. This is then transferred to a computer and copied onto a re-writeable RFID card using a tool called the ProxMark3, in essence effectively creating an exact duplicate of the card that was stolen silently and wirelessly.

Awards

Auditors/Independent IT, Gold

Awarded 2011, 2015, 2016

Banking Technology, Silver

Awarded 2015, 2016

Testimonials

“Our experience with GraVoc’s information security practice has certainly been a positive one. We have been working with GraVoc since 2005 and, year after year, they continue to help us improve our overall IT and information systems infrastructure. Best of all, GraVoc is willing to adapt their scope and methodology to meet our needs.”

Elaine Sigismondo | SVP of IT , IC Federal Credit Union

“GraVoc’s IT assurance services helped us and our vendors to discover and address potential vulnerabilities in our LAN/WAN environment. As a result, our overall network infrastructure is more secure and better prepared to face emerging threats.”

Scott Harriman | President/CEO, Cumberland County Federal Credit Union

“GraVoc’s IT audit services are just as they claim: thorough and fair. With GraVoc’s expert analysis and unique approach to the audit function, we are confident that risks related to our IT operation are prioritized and addressed appropriately.”

Chris Bailey | VP Risk Manager, Biddeford Savings Bank

News

LEARN MORE

Fill out my online form.

GraVoc

GraVoc is a technology-consulting firm located in Peabody, Massachusetts just north of Boston. GraVoc is committed to solving business problems for customers through the development, implementation, and support of technology-based solutions.

"One Company, Many Solutions"

10 Centennial Drive Peabody, MA 01960

Pin It on Pinterest