Services

Home » Services

Services

Our partners are always involved in the services performed through direct supervision, performance and/or coordination of the services. This commitment and attention to detail ensures quality service is always achieved and allows for our clients to maintain a high degree of peace of mind.

Our associates receive extensive and rigorous training and are proficient in knowing the importance of proper internal controls, appropriate segregation of duties, detailed policies and procedures, compliance with regulations and enterprise-wide risk assessments and evaluations.

Genesis has experience in the following industries:

  • Automotive
  • Financial Institutions
  • Healthcare
  • Hospitality
  • Manufacturing
  • Media
  • Professional Services
  • Non-profit Organizations
  • Real Estate
  • Retail
  • Sports & Entertainment
  • Technology
  • Wholesale

Services

The IT Management Dilemma

The fundamental problem with managing information technology (IT) personnel is the lack of proactive security, maintenance, and administrative control monitoring. Additionally, organizations can end up spending time and resources re-training IT personnel as they move from one job to the next one once they become bored with the monotonous daily routines of IT support. Using outsourced technology support providers can provide a better alternative, but only if the costs are controlled and the onus for efficient support is placed back upon the service provider.

Managed services satisfies both scenarios. First, by maintaining various environments of technology and working with partners and manufacturers on cutting edge products boredom is rarely a liability for our employees.

Second, for a managed service model to make business sense it becomes our responsibility to be attentive, proactive, and most of all efficient.

We have successfully implemented managed service models across several organizations resulting in efficient, proactive support while maintaining costs on a fixed budget. How can costs be budgeted? Because it’s our mission to be as efficient as possible for any problems that arise. This keeps us profitable while being responsive to our clients. The client should never have to worry about our efficiency. That is our responsibility. Some of the other benefits of a managed services agreement include:.

  • Policy Management including:
    • Information Security Policy
    • Business Continuity Plan
    • Incident Response Plan
    • Information Security Risk Assessment
  • Full Network Management and Administration
  • On-site and remote support during business hours
  • Security Monitoring and Management
  • Monthly Operational and Security Reports
  • Participation in IT Steering Committee or Management Meetings

Security Assessment

Security assessments are focused reviews on an organization’s people, processes, and technology infrastructure to identify and reduce confidentiality, integrity, and availability risks to your information assets. It is mostly technical in nature and most effective when coordinated with the company’s information security personnel. A security assessment can consist of a combination of either a vulnerability assessment, penetration test, or social engineering exercise.

A Vulnerability assessment is a process using a combination of sophisticated tools and methodologies to analyze deficiencies, whether logical or physical, in either systems or processes within the environment.   Its purpose is not necessarily to exploit any discovered vulnerabilities, rather to verify they exist and the likelihood of their exploitation.

The purpose of any penetration test is to assist an organization in determining the ability of exploits that may exist against discovered vulnerabilities found in a company’s systems or information assets. A penetration test subjects a system to real-world attacks selected and conducted by our security staff. The benefit of a penetration test is to identify the extent to which sensitive information can be compromised and possibly exfiltrated before an actual determined attack. Only a real penetration test can simulate what would happen if a determined hacker were to attack your organization. A penetration test can either be enterprise wide or targeted to specific assets.

Genesis can provide social engineering exercises to attempt to gain sensitive or private information from a Company’s employees that may be later used either as leverage to gain access to internal systems or to access private information. The purpose of this exercise is to assess the readiness of employee behavior by testing a company’s security awareness and preparedness.  Methods may include phishing exercises, pretext calling, malware injection, or physically accessing sensitive information.

We can provide assessments for any of the following:

  • Web sites or Internet facing applications
  • Dial-In/Remote Access/VPN
  • DMZ or VLAN Architecture
  • Wireless Networks
  • Intranet sites
  • End-user device security
  • Firewall security
  • Physical Security
  • Employee Behavior

Cloud Hosting and Management Services

Infrastructure Hosting – Genesis can host your entire infrastructure in the cloud using one of our partnered platforms.  No more purchasing servers, network equipment, UPS’s, etc.  All you need is a Desktop/notebook/tablet and a secured internet connection.  Performance upgrades are much easier and scale with your business.

Application Hosting – Genesis can also host your key applications in the cloud if you are content with your current infrastructure.  Allow your applications to be available 24×7 under our protection while you keep your infrastructure investment intact.

Web Hosting – If you have Internet facing applications or web sites, they are also most welcome in our cloud platform.  WordPress is fully supported in our environment.

Governance, Risk, and Controls

We provide additional services including general consulting, system validations, control testing, and various operational or technology risk assessments. Our information technology assurance services are geared to identify and assess risks to the confidentiality, integrity, and availability of information assets.  We take governance and oversight, internal processes and controls and operating environment into consideration. These services may be provided as part of an internal audit of information technology controls or as individual projects.  These services may be necessary as a result of major organizational changes, implementation of new technologies or reliance on third-party service providers.  The following are some of the information technology assurance services that Genesis provides:

  • IT Audits
  • Data & Model Validations
  • IT Consulting Services
  • Statement on Standards for Attestation Engagement (SSAE) 18 SOC1/SOC2
  • Information Security Risk Assessments

Bank Secrecy Act / Anti-Money Laundering

Banks and financial institutions are required to comply with Bank Secrecy Act and Anti Money Laundering (“BSA/AML”) regulations as part of internal compliance programs.  Compliance with BSA/AML regulations requires institutions to meet the “five pillars” including capable officers, internal controls, adequate training, an independent audit, and recently enhanced customer due diligence programs.

 

Genesis has been engaged to perform the independent audit of several Bank’s BSA/AML compliance programs in accordance with Section 352 of the USA PATRIOT Act.  Our procedures are performed in accordance with the Federal Financial Institutions Examination Council (FFIEC) Bank Secrecy Act (BSA) /Anti-Money Laundering (AML) Examination Manual that was most recently issued in December 2014.

 

Genesis has worked with Banks supervised by the Office of the Comptroller of the Currency (“OCC”), Federal Deposit Insurance Corporation (“FDIC”), and Federal Reserve oversight offices in Atlanta and New York.  Internationally, Genesis has also worked with Financial Institutions in Puerto Rico who are overseen by the Oficina del Comisionado de Instituciones Financieras (“OCIF”).  Generally our audit scopes have included, but are not limited to:

BSA reporting requirements, such as CTRs and SARs OFAC compliance
Compliance with exemption rules and requirements High-risk activities, customers, and areas
Compliance with exemption rules and requirements Retention of required records
Customer identification program (CIP) Customer due diligence
Identifying and reporting suspicious activities Correspondent Banking activities and associated monitoring controls
BSA recordkeeping requirements for deposits, loans, funds transfers, and sales of monetary instruments Compliance with information sharing requirements (Title III, section 314, USA PATRIOT Act)
Funds transfer operations Ongoing training of appropriate personnel

Business Impact Analysis & Continuity Planning

We can provide full Business Continuity planning and management services in order to provide a documented, tested, and fully executable plan that meets the expectations of management or regulatory requirements. With management’s assistance and information we will perform the necessary steps to assure that system and information recovery objectives are met.

Genesis can perform a Business Impact Analysis identifying information assets by function or department, identifying criticality and recovery requirements for each.   Through discussions with management and assessment of the organization’s technology infrastructure and current recovery options we will assess whether the current environment is suitable for meeting recovery objectives. If necessary, we will provide recommendations and assist with implementation of either backup or disaster recovery solutions and we can also perform user acceptance testing.

If requested, Genesis can provide local or cloud based backup or real time recovery strategies to meet most recovery objectives.

Rounding Out the Rest

  • Web Design
  • Application Development
  • Project Management
  • Ethernet/Fiber Infrastructure Cabling
  • Forensic Data Recovery