Our partners are always involved in the services performed through direct supervision, performance and/or coordination of the services. This commitment and attention to detail ensures quality service is always achieved and allows for our clients to maintain a high degree of peace of mind.
Our associates receive extensive and rigorous training and are proficient in knowing the importance of proper internal controls, appropriate segregation of duties, detailed policies and procedures, compliance with regulations and enterprise-wide risk assessments and evaluations.
Genesis has experience in the following industries:
The IT Management Dilemma
The fundamental problem with managing information technology (IT) personnel is the lack of proactive security, maintenance, and administrative control monitoring. Additionally, organizations can end up spending time and resources re-training IT personnel as they move from one job to the next one once they become bored with the monotonous daily routines of IT support. Using a Managed Service and Security Provider (MSSP) can provide a better alternative, but only if the costs are controlled and the onus for efficient support is placed back upon the service provider.
Our MSSP program satisfies both dilemmas. First, by maintaining various environments of technology and working with partners and manufacturers on cutting edge products boredom is rarely a liability for our employees.
Second, for an MSSP model to make business sense for us it becomes our responsibility to be attentive, proactive, and most of all efficient. This in turn results in capped support and monitoring costs for our clients so that other projects can be budgeted accordingly.
We have successfully implemented MSSP models across various organizations resulting in efficient, proactive support while maintaining costs on a fixed budget. How can costs be budgeted? Because it’s our mission to be as efficient as possible for any problems that arise. This keeps us profitable while being responsive to our clients. The client should never have to worry about our efficiency. That is our responsibility. Some of the other benefits of an MSSP agreement include:.
- Secure portal access to IT administration tasks and history
- Full network management and administration
- Timely anti-virus and patch management
- On-site and remote support during business hours
- Security monitoring and management
- Security awareness campaigns
- Monthly governance reports on operational and security status
- Participation in IT steering committee or management meetings
- Demonstrative compliance with cybersecurity and privacy laws and regulations
- Reduction of cybersecurity insurance premiums
Cybersecurity Consulting and Services
Security assessments are generally required as part of a holistic compliance framework for regulatory rules and both cybersecurity and privacy laws. Many of the services we provide are focused reviews on an organization’s people, processes, and technology infrastructure to identify and reduce confidentiality, integrity, and availability risks to your information assets. Our suite of optional services can be used as a complementary addendum to our MSSP agreements either as a point in time service or as a subscription service as well.
We can provide the following cybersecurity and privacy services as needed:
A vulnerability assessment is a process using a combination of sophisticated tools and methodologies to analyze deficiencies, whether logical or physical, in either people, systems or processes within the environment. Its purpose is not necessarily to exploit any discovered vulnerabilities, rather to verify they exist and the likelihood of their exploitation.
The purpose of any penetration test is to assist an organization in determining the ability of exploits that may exist against discovered vulnerabilities found in a company’s systems or information assets. A penetration test subjects a system to real-world attacks selected and conducted by our security staff including the use of social engineering exercises. The benefit of a penetration test is to identify the extent to which sensitive information can be compromised and possibly exfiltrated before an actual determined attack.
Policy development and review
Genesis can provide your organization assistance with policy development and maintenance as these governing documents are required under most regulatory rules and laws as the cornerstone for corporate IT governance. Policies may include, but are not limited to:
- Information Security Policy
- Business Continuity Plan
- Incident Response Plan
- Information Security Risk Assessment
- End User Computing Policies
- Data Classification Policies
Information security training
We can provide on site, in-person information security awareness trainings. We have catered training programs for various groups from operations staff to management teams and from new hire orientation trainees to the Board of Directors. It’s a necessary requirement for compliance purposes and honestly the best way to stay informed about the changing threat landscape in information security
Social engineering exercises
Genesis can perform basic social engineering exercises to to assess the readiness of employee behavior by testing a company’s security awareness and preparedness. Methods may include phishing exercises, pretext calling, malware injections, or physically accessing sensitive information.
One of our more popular social engineering exercises we can setup and perform multiple phishing campaigns over a period of time to test both the resiliency of email systems as well as employee behavior.
Dark Web Monitoring Services
Through a combination of human and sophisticated Dark Web intelligence with search capabilities, we are able to identify, analyze and proactively monitor for organizations’ compromised or stolen employee and customer data.
Attacks on networks may be inevitable, but proactive monitoring of stolen and compromised data allows you to respond to a threat immediately to prevent a major breach.
We have the capability of looking into various places where your data can be stored and sold, including but not limited to:
• Hidden chat rooms
• Private websites
• Peer-to-peer networks
• IRC (internet relay chat) channels
• Social media platforms
• Black market sites
• 640,000+ botnets
With 80,000+ compromised emails daily, our Dark Web monitoring platform provides extensive reporting capabilities to track and triage incidents.
Our platform allows us to see industry patterns long before they become trends, and offers the intelligence to keep you and your employees more protected.
Cloud Hosting and Management Services
Infrastructure Hosting – Genesis can host your entire infrastructure in the cloud using one of our partnered platforms. No more purchasing servers, network equipment, UPS’s, etc. All you need is a Desktop/notebook/tablet and a secured internet connection. Performance upgrades are much easier and scale with your business.
Application Hosting – Genesis can also host your key applications in the cloud if you are content with your current infrastructure. Allow your applications to be available 24×7 under our protection while you keep your infrastructure investment intact.
Web Hosting – If you have Internet facing applications or web sites, they are also most welcome in our cloud platform. WordPress is fully supported in our environment.
Governance, Risk, and Controls
We provide additional services including general consulting, system validations, control testing, and various operational or technology risk assessments. Our information technology assurance services are geared to identify and assess risks to the confidentiality, integrity, and availability of information assets. We take governance and oversight, internal processes and controls and operating environment into consideration. These services may be provided as part of an internal audit of information technology controls or as individual projects. These services may be necessary as a result of major organizational changes, implementation of new technologies or reliance on third-party service providers. The following are some of the information technology assurance services that Genesis provides:
Business Impact Analysis & Continuity Planning
We can provide full Business Continuity planning and management services in order to provide a documented, tested, and fully executable plan that meets the expectations of management or regulatory requirements. With management’s assistance and information we will perform the necessary steps to assure that system and information recovery objectives are met.
Genesis can perform a Business Impact Analysis identifying information assets by function or department, identifying criticality and recovery requirements for each. Through discussions with management and assessment of the organization’s technology infrastructure and current recovery options we will assess whether the current environment is suitable for meeting recovery objectives. If necessary, we will provide recommendations and assist with implementation of either backup or disaster recovery solutions and we can also perform user acceptance testing.
If requested, Genesis can provide local or cloud based backup or real time recovery strategies to meet most recovery objectives.
Bank Secrecy Act / Anti-Money Laundering
Banks and financial institutions are required to comply with Bank Secrecy Act and Anti Money Laundering (“BSA/AML”) regulations as part of internal compliance programs. Compliance with BSA/AML regulations requires institutions to meet the “five pillars” including capable officers, internal controls, adequate training, an independent audit, and recently enhanced customer due diligence programs.
Genesis has been engaged to perform the independent audit of several Bank’s BSA/AML compliance programs in accordance with Section 352 of the USA PATRIOT Act. Our procedures are performed in accordance with the Federal Financial Institutions Examination Council (FFIEC) Bank Secrecy Act (BSA) /Anti-Money Laundering (AML) Examination Manual that was most recently issued in December 2014.
Genesis has worked with Banks supervised by the Office of the Comptroller of the Currency (“OCC”), Federal Deposit Insurance Corporation (“FDIC”), and Federal Reserve oversight offices in Atlanta and New York. Internationally, Genesis has also worked with Financial Institutions in Puerto Rico who are overseen by the Oficina del Comisionado de Instituciones Financieras (“OCIF”). Generally our audit scopes have included, but are not limited to:
|BSA reporting requirements, such as CTRs and SARs||OFAC compliance|
|Compliance with exemption rules and requirements||High-risk activities, customers, and areas|
|Compliance with exemption rules and requirements||Retention of required records|
|Customer identification program (CIP)||Customer due diligence|
|Identifying and reporting suspicious activities||Correspondent Banking activities and associated monitoring controls|
|BSA recordkeeping requirements for deposits, loans, funds transfers, and sales of monetary instruments||Compliance with information sharing requirements (Title III, section 314, USA PATRIOT Act)|
|Funds transfer operations||Ongoing training of appropriate personnel|
Bank Secrecy Act / Anti-Money Laundering
Banks and financial institutions are required to comply with Bank Secrecy Act and Anti Money Laundering (“BSA/AML”) regulations as part of internal compliance programs. In addition to the “five pillars” that define the regulatory requirements other compliance initiatives have been recommended by financial regulators to assure ongoing compliance with BSA/AML activities.
Genesis has been engaged to perform various consulting services in order to help institutions improve their compliance requirements including but not limited to.
|Model Validations (Transaction Monitoring)||Model Validations (OFAC)|
|Model Validations (Risk Management)||BSA/AML Risk Assessments|
|LookBackup Projects||Compliance Reviews of Mastercard Rule 1.2|
|Model Optimization||EDD Reviews|
Genesis has worked with Banks supervised by the Office of the Comptroller of the Currency (“OCC”), Federal Deposit Insurance Corporation (“FDIC”), and Federal Reserve oversight offices in Atlanta and New York. Internationally, Genesis has also worked with Financial Institutions in Puerto Rico who are overseen by the Oficina del Comisionado de Instituciones Financieras (“OCIF”).
Rounding Out the Rest
- Web Design
- Application Development
- Project Management
- Ethernet/Fiber Infrastructure Cabling
- Forensic Data Recovery