Your patients and HIPAA demand strong cybersecurity when protecting ePHI. The HIPAA Simple Risk Assessment guides covered entities and business associates through a series of questions based on the standards and implementation specifications identified in the HIPAA Security Rule and covers basic security practices, security failures, risk management and personnel issues.

HIPAA Simple Risk Assessment Key Elements

Here are the key elements of our HIPAA Simple Risk Assessment.

• Security Risk Assessment (SRA) Basics (security management process).
• Security Policies, Procedures, & Documentation (defining policies & procedures).
• Security & Your Workforce (defining/managing access to systems and workforce training).
• Security & Your Data (technical security procedures).
• Security & Your Practice (physical security procedures).
• Security & Your Vendors (business associate agreements and vendor access to PHI).
• Contingency Planning (backups and data recovery plans).
• All data is saved locally in a secure format.
• Assessments are performed onsite and usually conclude in 2-3 hours.

The Value of a HIPAA Simple Risk Assessment

Here is the value you will receive from our HIPAA Simple Risk Assessment.

• Identify vulnerabilities. Proactively determine where your policies, procedures and documentation are weak.
• Establish likelihood. Determine the probability that a breach or compromising event will occur.
• Establish impact. Determine the effect a breach or compromising event would create.

Your Options

Now that you’ve learned how the HIPAA Simple Risk Assessment benefits you, it is time to make a decision. Here are your options:

• Call Cyber Safety Net today at (844) 580-1200 to schedule yours.
• Avoid calling. Maybe you feel you will never get audited, incur a breach or be accused of negligently handling PHI (protected health information). Nobody will ever give you PHI about a loved one. Why worry?
• Do it yourself. Maybe you feel you can perform your own security risk assessment. Chances are…you’ll let this sit at the bottom of your TODO list and when you get to it, you won’t understand the questions or why you’re doing the assessment in the first place. You give up and do something easier.

All this for $499 for a limited time for new clients. The HIPAA Simple Risk Assessment takes you through each section by presenting questions about your organization’s activities. Your answers will show you if you should take corrective action for that specific item or continue with your current security activities. If corrective action is suggested, the Assessment provides guidance on the related HIPAA Rule requirement or security reference and suggestions on how to improve.

Your users are your last line of defense. They need to be trained and remain on their toes with cybersecurity top of mind. Your cybersecurity is as strong as its weakest link…your users. That’s why you need Cyber Security Awareness Training.

Cyber Security Awareness Training Key Elements

Here are the key elements of our Cyber Security Awareness Training.

• On-demand, engaging, interactive browser-based training.
• The world’s largest library of well over 700 security awareness training content items; including interactive modules, videos, games, posters and newsletters.
• Use each user’s behavior and user attributes to tailor phishing campaigns, training assignments and remedial learning.
• The Automated Security Awareness Program (ASAP) allows you to create a customized program for your organization that helps you implement all the steps to create a complete security awareness training program in just a few minutes!
• Your customized phishing templates can also include simulated attachments in the following formats: Word, Excel, PowerPoint and PDF, (also zipped versions of these files).
• Pre-and post-training phishing security tests that show you the percentage of end-users that are phish-prone.
• Certificate printing where users can view/download/print their own certificates after completing a course.

The Value of Cyber Security Awareness Training

Here is the value you will receive from our Cyber Security Awareness Training.

• Baseline Testing. We provide baseline testing to assess the phish-prone percentage of your users through a free simulated phishing attack.
• Train Your Users. The world’s largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.
• Phish Your Users. Best-in-class, fully automated simulated phishing attacks, thousands of templates with unlimited usage and community phishing templates.

Your Options

Now that you’ve learned how Cyber Security Awareness Training benefits you, it is time to make a decision. Here are your options:

• Call Cyber Safety Net today at (844) 580-1200 to get protected today.
• Avoid calling. Maybe your employees can watch a few YouTube videos in their free time and get all the cybersecurity training they need. Why worry?
• Do it yourself. You conduct a lunch and learn and tell your users how to be safe online. You grant this topic 30 seconds in an otherwise busy staff meeting. People will pay full attention while grabbing another slice of pizza.
• All this for $16/user/year (25-user package). Find out how 20,000-plus organizations have mobilized their end-users as their last line of defense. Powered by KnowBe4, the world’s most popular integrated platform for security awareness training combined with simulated phishing attacks.

Cyber Protection Suite provides remote-monitoring tools, back-office services and software options that reduce IT management costs, strengthen your cybersecurity and deliver the ROI you expect.

Cyber Protection Suite Key Elements

Here are the key elements of our Cyber Protection Suite.

• Desktop Care: Our preventive maintenance service for desktops regimentally monitors and addresses common problems experienced by desktop users. Whether it’s getting rid of viruses, attacking spyware issues or installing patches, we handle it all in the background while your employees remain productive.
• ScreenConnect: Quickly access your computer desktop as if you were sitting at it.
• Webroot SecureAnywhere® Business Endpoint Protection. Trusted by top network and security vendors, like Cisco, Citrix, F5, and more, our cloud-based platform uses context and reputations to stop never-before-seen threats before the competition knows they’re there.
• Vulnerability Scans on Firewalled Networks: Qualys vulnerability scans detect weaknesses in your security and help you patch them. Vital part of PCI and HIPAA compliance plans. $60 when sold separately.
• Network Monitoring: Alerts automatically generated when devices go offline.
• Solves This Problem: Establishing mobile cybersecurity for business is an increasingly tricky task. Device portability makes them targets for physical theft. Malicious apps continue to proliferate as a delivery method for malware designed to steal login credentials and other valuable data. As more and more employees bring their own devices to work, maintaining control over mobile device security is more important, and challenging, than ever.
• With This Solution: Sophos Mobile Protection automatically scans apps and files for malware, scans URLs to block fraudulent websites and detects phishing sites in real-time. This eliminates the chance for much of the user error found to be behind most security breaches.
• Online management: Eliminate the need for an on-premises solution. Sophos Mobile offers user, device, and group management.
• Always up to date: Keep users safe from new threats in real time, all the time, with Sophos’ cloud data centers.

The Value of Cyber Protection Suite

Here is the value you will receive from our Cyber Protection Suite.

• Stop Malicious Apps. Block mobile threats before they infect your phones or tablets.
• Secure Web Browsing. Protect employee identities and corporate information from malicious sites and downloads. Quarantines texts with malicious addresses.
• Lost Device Protection. Locate, lock and wipe lost or stolen devices. Trigger alarms to help recover devices.
• Enforce Company Policies. Require employees to use a lock passcode to protect sensitive corporate email and information.
• Deploys in Seconds. Deploy over the air for Android® and iOS® devices.

Your Options

• Now that you’ve learned how the Cyber Protection Suite benefits you, it is time to make a decision. Here are your options:
• Call Cyber Safety Net today at (844) 580-1200 to get protected today.
• Avoid calling. Maybe you feel all the hackers will bypass you and target those with deeper pockets. You have nothing to steal. Hackers will not harvest your financial information and ePHI (electronic protected health information) and sell it on the dark web. Why worry?
• Do it yourself. You conduct a lunch and learn and tell your users how to be safe online. You grant this topic 30 seconds in an otherwise busy staff meeting. People will pay full attention while grabbing another slice of pizza.

All this for $70/month. 5 users. Cyber Protection Suite is licensed by user, not by device. We’ll show you the easiest and most affordable proactive way to maintain your desktops, notebooks, tablets and smart phones for top business performance.

Ideal for small practices and service providers who process fewer than 20,000 charge card transactions a year, a PCI-DSS Audit (Self-Assessment Questionnaire) is designed as a self-validation tool to assess security for cardholder data.

PCI-DSS Audit Key Elements

Here are the key elements of our PCI-DSS Audit.

• A series of questions to help you identify vulnerabilities.
• Questionnaires tailored for your environment. If you accept charge cards in person, over the phone or on a website, you must know how secure your environment is, or isn’t.
• Standardized questionnaires from the PCI Security Standards Council, to a) help vendors understand and implement standards for creating secure payment solutions, and b) help merchants and financial institutions understand and implement standards for security policies, technologies and ongoing processes that protect their payment systems from breaches and theft of cardholder data.
• Hand holding with a security consultant who helps you navigate through the jargon of cybersecurity and compliance.
• Following guidance in the PCI Data Security Standard helps keep your cyber defenses primed against attacks aimed at stealing cardholder data.

The Value of PCI-DSS Audit

Here is the value you will receive from our PCI-DSS Audit.

• Baseline Creation. The first completed audit creates a baseline. This baseline shows where your security is strong, and where it is weak.
• Meet Standards. Maintaining payment security is required for all entities that store, process or transmit cardholder data. Guidance for maintaining payment security is provided in PCI security standards.
• Meet Customer Expectations. Customers expect you and your business to protect their charge card information. Prove that you do with a completed PCI-DSS Audit (Self-Assessment Questionnaire).

Your Options

Now that you’ve learned how a PCI-DSS Audit benefits you, it is time to make a decision. Here are your options:

• Call Cyber Safety Net today at (844) 580-1200 to schedule yours.
• Avoid calling. Maybe you feel hackers will never go through your business or website to steal charge card data. Everybody pays with cash. Why worry?
• Do it yourself. Maybe you feel you can perform your own PCI-DSS Audit. You already completed one within the past year, right? Chances are…you’ll let this sit at the bottom of your TODO list and when you get to it, you won’t understand the questions or why you’re doing this in the first place. You give up and do something easier.

Sure, you can do a PCI-DSS Audit on your own. Have you completed one within the past year? Probably not. You need one, before an angry patient accuses you of weak security or your bank accuses you of too many unauthorized charges. Call today.

What is happening to you? Your network is slow and unstable. Your cameras do not work always work. You have intrusive PCI and HIPAA compliance burdens. You have no idea how you would recover from ransomware or any kind of disaster. Since you’re still reading this, I would bet good $$ things are failing you. You spend precious time troubleshooting your computers when you should spend that time growing your business and serving your clients. Most of my new business comes from business owners who have incurred too much pain and “just want things to work right.” I’ve been doing this in the Sacramento region since 2002. You run your business. I run your network. Everybody is happy.

My name is Mark Anthony Germanos. I have been in the computer business since 1992. I live and breathe cybersecurity. Here are my most visible accomplishments.

EC-Council Certified Ethical Hacker

Yes, I am a hacker BUT I am a good guy because I am an ethical hacker. “What does that mean?” you may say. Hiring an ethical hacker is like bringing in the fire department to find ways a fire may start in your office before a fire happens.

Microsoft Certified Solutions Expert + Mobility

When I first became an MCSE in 1998, this was Microsoft’s highest networking certification. The MCSE helps me understand, deploy and support technologies that create a positive ROI and benefit your bottom line.

CompTIA PenTest+

Earners of the CompTIA PenTest+ certification have the knowledge and skills necessary to perform hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network. CompTIA PenTest+ professionals have demonstrated the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers. Proving your cybersecurity works involves trying to break it.

How Hacks Happen ©2020

I am an author. My fourth book, How Hacks Happen and how to protect yourself (https://howhackshappen.com) begins by showing how phishing attacks work and why they are so convincing. In this workbook, you learn how passwords are not as secure as you may think, how social media services monetize personal data you share and how hackers cover their tracks. One of the reviewers wrote “Mark does a great job of covering the current landscape of hacks and what you can do to try to protect yourself and your company.”

Cyber Safety Net is a Team

I may be the only one you see, but I am not alone. Cyber Safety Net is based in Cameron Park, California, a suburb of Sacramento. I partner with the finest cybersecurity vendors and believe me, a lot of vendors ask me to partner and resell their services. Only a select few get a YES response. My long-term business partners include ConnectWise, JungleDisk, KnowBe4, Microsoft, Sophos, Qualys and WebRoot.