Montani Solutions, LLC

IT Security and Compliance

Consulting, Assessments, Audits, Reviews, Training

Expert assistance in keeping your IT resources as secure as the mountains.

© 2008 Montani Solutions, LLC                                                                                                                 webadmin@montanisolutions.com

Example Projects / Activities

The professionals at Montani Solutions have experience in a broad range of environments.

For both small and mid-sized clients, developed security requirements / specifications for web-based applications under development to ensure safe collection, transmission and storage of customer/client data.

For several clients, conducted security awareness and preparedness briefings and training—for management, IT, and non-technical staff.

Security for Web-Based Applications

Security Awareness

Experience

For several organizations, developed comprehensive IT security strategies and implementation plans to improve their risk posture.

For both mid–sized and smaller organizations, conducted general security reviews of their IT operations, identifying numerous vulnerabilities and dramatically reducing their IT-related risks.

IT Security Strategies and Planning

General IT Security Reviews

For several organizations, led efforts to evaluate, acquire and implement systems for centralized administration of spam filtering, anti-virus protection, and patch management.

For several small and mid-sized organizations, reviewed and improved processes and configurations for wireless (WiFi) access to their IT systems.

Enterprise-wide Security Systems

Wireless (WiFi) Security

For several small and mid-sized organizations, performed analysis and recommended approaches to address continuity of operations and disaster recovery.

For several organizations, evaluated security-related technology products and services, including recommendations for acquisition and deployment.

Continuity of Operations (COOP) and Disaster Recovery Planning

Evaluating Security Technology

For a major web-hosting company, developed quality assurance process for firewalls and network devices to ensure secure configuration and appropriate operation prior to delivery — dramatically improving customer satisfaction and saving thousands in rebates.

For a federal agency, developed procedures for authorizing approved access to financial and other IT-based systems.

Firewall / Network Device Quality Assurance

Security Procedures

For a mid-sized college, led efforts in reviewing / improving processes and IT systems to ensure compliance with FERPA, GLBA and HIPAA regulations.

For several organizations, conducted confidential investigations of questionable use of IT resources, with appropriate collection of evidence and findings used by the respective organizations to exonerate or discipline the involved parties.  Some instances have involved assisting law enforcement in identifying parties suspected of illegal activities.

Compliance Reviews / Planning

Investigations of Questionable Use of IT Resources

For a Fortune 500 organization, administered the enterprise-wide 2-factor authentication system for secure remote access to its IT systems.

For a management consulting firm, served as its representative and project manager in developing a web-based monitoring system that collects, analyzes and reports information for its clients.  Activities involved evaluating and selecting development contractors, negotiating contracts, defining specifications, tests and deployment strategies.

Secure Remote Access

General IT Project Management

For a major insurance company, developed processes and security procedures for direct data transmissions (using EDI) between suppliers and its mainframe system.

Processes for Secure Data Transmission between Organizations