Security Governance and Regulatory Compliance Solutions

ISO 27001 / 27002 Consulting

Unlike the staff of some of the large auditing organizations that have begun offering ISO pre-registration consulting, our consultants have an average of 50 years of combined experience in information security consulting. Each member of our team is CISSP and NSA-IAM certified, in addition to being a BSI Certified ISMS Auditor. Our teams are spread geographically over 10 regional US offices and are available for initial consultations free of charge. Our rates are competitive with industry standards, and quotes are available upon request.

HIPAA / Final Security Rule

The HIPAA Final Security Rule mandates the implementation of technical, physical, and administrative controls to ensure the security of “Protected Health Information”. Health care organizations and health care providers must declare compliance with the requirements and should perform regular reviews of their security posture.

Sarbanes-Oxley

Sarbanes-Oxley Section 404 mandates the development, implementation, and maintenance of an adequate internal control structure for financial reporting. Section 404 also makes executive management responsible for assessing the effectiveness of internal controls over financial reporting. Publicly traded companies in the US and international organizations conducting business with these US companies must report compliance at the end of each fiscal year.

GLBA

The Gramm-Leach-Bliley Safeguards Rule requires all financial institutions to implement and maintain protective controls to ensure the protection of all sensitive customer information. The Safeguards Rule applies to financial institutions such as banks, security firms, and insurance companies. This rule is enforced by the Federal Trade Commission, and noncompliance carries heavy fines.
