Information Security

Protecting your most sensitive data

Information Security Services

Risk Management & Compliance

GraVoc helps your organization maximize the value out of security investments and ensure compliance with federal, state, and industry regulations. Our goal is to help you identify both potential risks and mitigation strategies.

  • Information Security Program Development
  • Risk Assesment
  • Disaster Recovery/Business Continuity Planning
  • Social Engineering Testing
  • Digital Forensics & Incident Report

IT Assurance

GraVoc’s IT assurance services help you identify, understand and resolve configuration and security vulnerabilities before they are exploited by real-life attacks. Our expert team of Information Security consultants use sophisticated technology tools to scan and identify potential risks to your information system environment.

  • External Penetration Testing
  • Internal Network Vulnerability Assesment
  • Wireless Security Assessment
  • Web & Mobile Application Testing

IT Audit Services

GraVoc’s IT audit services provide an independent and objective review of IT infrastructure, control configuration and regulatory compliance through in-depth testing and expert analysis.

  • Compliance Gap Analysis
  • IT General Controls Audit
  • IT Audit



Certified Information Systems Auditor


Certified Information Security Manager


Certified Information Systems Security Professional

CCNA Security

Cisco Certified Network Associate Security


Certified Ethical Hacker


Microsoft Certified Professional


Certified in Risk and Information Systems Control


EC-Council Certified Incident Handler


Business Continuity planning is the creation of a strategy through the recognition of threats and risks facing a company, ensuring that personnel and assets are protected and able to function in the event of a disaster. In this video we examine why it is important to ensure your company has a well-thought out Business Continuity Plan.

Learn about our Risk Management & Compliance Services


What is social engineering?  In this quick video, we explain how Social engineering is a technique used by attackers to gain sensitive information by deceiving privileged users into revealing information that compromises data security. We also examine the different techniques used in Social Engineering attempts.

Read more about Social Engineering 


For our silent hack attack security demonstration, we wanted to show how easy it is to steal sensitive information from a RFID device. By simply passing by someone, we were able to steal their data, and create a new card with the stolen information.

Read more about our Silent Hack Attack


Banking Technology

Gold – 2017

Silver –  2015, 2016

Banking Consultant

Gold – 2017

Silver – 2016

Auditors, Gold

2011, 2015


“Our experience with GraVoc’s information security practice has certainly been a positive one. We have been working with GraVoc since 2005 and, year after year, they continue to help us improve our overall IT and information systems infrastructure. Best of all, GraVoc is willing to adapt their scope and methodology to meet our needs.”

Elaine Sigismondo | SVP of IT , IC Federal Credit Union

“GraVoc’s IT assurance services helped us and our vendors to discover and address potential vulnerabilities in our LAN/WAN environment. As a result, our overall network infrastructure is more secure and better prepared to face emerging threats.”

Scott Harriman | President/CEO, Cumberland County Federal Credit Union

“GraVoc’s IT audit services are just as they claim: thorough and fair. With GraVoc’s expert analysis and unique approach to the audit function, we are confident that risks related to our IT operation are prioritized and addressed appropriately.”

Chris Bailey | VP Risk Manager, Biddeford Savings Bank

Information Security Service Area

Information Security Service Area

GraVoc is located in Peabody Massachusetts, just north of Boston, and provides Information Security services including IT Audit, IT General Controls Audit, Compliance Gap Analysis, Risk Management and Compliance, Disaster Recovery, Business Continuity Planning, Social Engineering Testing, Risk Assessment, Security Awareness Training, Digital Forensics,  IT Assurance, External Penetration Testing, Internal Network Vulnerability Assessments, Wireless Security Assessments and Website & Mobile Application to businesses and organzations in the New England area. GraVoc’s  Information Security team holds certifications in CCNA Security, CISM, CISA, CRISC, C|EH, CISSP, and E|CIH. Below is a list of our Massachusetts and New Hampshire Information Security service area. GraVoc also provides Information Security services in Connecticut, Maine, Rhode Island and Vermont but are not limited to these states.

Massachusetts Information Security Service Area:

Acton, Amesbury, Andover, Arlington, Ashby, Ashland, Ayer, Bedford, Belmont, Beverly, Billerica, Boston, Boxborough, Boxford, Burlington, Cambridge, Carlisle, Chelmsford, Chelsea, Concord, Danvers, Dracut, Dunstable, Essex, Everett, Framingham, Georgetown, Gloucester, Groton, Groveland, Hamilton, Haverhill, Holliston, Hopkinton, Hudson, Ipswich, Lawrence, Lexington, Lincoln, Littleton, Lowell, Lynn, Lynnfield, Malden, Manchester by the sea, Marblehead, Marlborough, Maynard, Medford, Melrose, Merrimac, Methuen, Middleton, Nahant, Natick, Newbury, Newburyport, Newton, North Andover, North Reading, Peabody, Pepperell, Reading, Revere, Rockport, Rowley, Salem, Salisbury, Saugus, Sherborn, Shirley, Somerville, Stoneham, Stow, Sudbury, Swampscott, Tewksbury, Topsfield, Townsend, Tyngsborough, Wakefield, Waltham, Watertown, Wayland, Wenham, West Newbury, Westford, Weston, Wilmington, Winchester, Winthrop, Woburn

Our Information Security Massachusetts service area also includes: Barnstable County, Berkshire County, Bristol County, Dukes County, Franklin County, Hamden County, Hampshire County, Nantucket County, Norfolk County, Plymouth County, Worcester County

Southern New Hampshire Information Security Service Area: 

Amherst, Antrim, Atkinson, Auburn, Bedford, Bennington, Brentwood, Brookline, Candia, Chester, Danville, Deerfield, Deering, Derry, East Kingston, Epping, Exeter, Francestown, Fremont, Goffstown, Greenfield, Greenland, Greenville, Hampstead, Hampton Falls, Hampton, Hancock, Hillsborough, Hollis, Hudson, Kensington, Kingston, Litchfield, Londonderry, Lyndeborough, Manchester, Mason, Merrimack, Milford, Mont Vernon, Nashua, New Boston, New Castle, New Ipswich, Newfields, Newington, Newmarket, Newton, North Hampton, Northwood, Nottingham, Pelham, Peterborough, Plaistow, Portsmouth, Raymond, Rye, Salem,Sandown, Seabrook, Sharon Temple, South Hampton, Stratham, Weare, Wilton, Windham, Windsor

Our New Hampshire Information Security service area also includes: Rockingham County, Cheshire County, and Strafford County.

Information Security News


Fill out my online form.


GraVoc is a technology-consulting firm located in Peabody, Massachusetts just north of Boston. GraVoc is committed to solving business problems for customers through the development, implementation, and support of technology-based solutions.

"One Company, Many Solutions"

10 Centennial Drive Peabody, MA 01960

Pin It on Pinterest