What We Do

Our business is to help organizations become secure and compliant with a variety of technology security services. We work with many different types of organizations that are in various regulated industries like community banking, data centers, and law firms. We breakdown our services in compliance related services and security related services, see more details below:

Compliance Services

Security Services

Our Process

Info Security Process Pie.005

The vision for any of our services is to be able to provide the ‘ultimate proactive compliance experience’. So we’ve built a multi-faceted process to support you feeling great about your compliance environment. Our process consists of four major areas:

  • Our Process – This is our ContinuousCompliance methodology that moves from a single point-in-time review to a risk-based proactive continuous schedule to ensure that your risks stay low year round and becomes a deeper part of your culture.
  • Our Risk Operations Center – Also known as the ROC, this is where the wizards behind the curtain ensure a quality experience. Providing you ongoing schedules, updates, and reports when and how you need. This team of experts are here to ensure that you’re organized, proactive, and happy.
  • Our Field Consultants – Our field consultants are our subject matter experts showing up onsite to review the areas that are next on the schedule and providing you additional updates and help throughout the year.
  • Our Toolkit - We leverage a suite of tools that is right for the work at hand. We have tools for project management, risk assessments, reporting, and also including all the tools required for our penetration testing.

Managing compliance is inherently costly, complicated, and overwhelming so we have put together a process that ensures that your experience is nothing but the ultimate proactive compliance experience.

Our Toolkit


Our Auditor product is used to help streamline the compliance management process. It has the ability to provide risk assessments, audits, recommendations, and reporting. We have incorporated a wide range of community banking templates in it as well to allow you to utilize it for all banking compliance needs.

Auditor - Garland Heart

Other features include:

  • Enterprise Dashboard
  • Template System
  • Simple Project Management
  • Dynamic Reporting

Project Manager

Project Manager is what we use to interact with all our clients. It facilitates the planning, communication, and ongoing follow-up that is required to make our customers successful. This tool has a ton of great features to make it a intuitive project management experience such as milestones, task management, and even mobile access.

Project Manager

Other features include:

  • Messaging
  • Custom User Permissions
  • Calendars & Subscriptions
  • Mobile Access
  • Task and Subtasks


Our Culture – Unlimited Vacation Policy

Culture is a tricky thing. You want one that stands out from the pack of other small businesses but you also realize that you don’t have the resources of a Google, Facebook or Amazon. So a few years ago, we decided to opt-in to one idea that we think is not only the right way to go in our company but in any other modern day business. We established an ‘unlimited vacation policy’.

HR Directors just fell out of their chairs

In a business that uses more brains than brawn, to have vacation based off of a traditional concept of work days just never made sense. It was a leap of faith when we decided to rip off the band-aid and we’re glad we did. Our employees, on average, take about 2.5 weeks per year, not including the time off they have between Christmas and New Years when we shut down. Everyone in the company realizes that vacation is an important concept and when you need to take it, please do. But they also know that when one person isn’t there, someone else is picking up their slack. Its just the way it has to be. So we say take the time you need to come back energized and just pay it forward by covering for someone else that takes vacation next time around. It really can bring a team together. Found this infographic that also has some good points.

Unlimited Vacation Time

The Heartbleed Bug (SSL/TLS)


By now you might have heard of the Heartbleed bug (CVE-2014-0160). The bug is a vulnerability in the popular OpenSSL cryptographic software library. The Heartbleed bug affects any sites and services running specific versions of OpenSSL (1.0.1 and 1.0.2-beta releases of OpenSSL are affected including 1.0.1f and 1.0.2-beta1). The bug received its name from an SSL function called heartbeat, which sends out a pulse to check the connection status. The bug allows spoofing of this “heartbeat” function and potential access to the server. The bug was a programming mistake in the OpenSSL library that provides cryptographic services. There is a fix available now and affected systems should upgrade to OpenSSL 1.0.1g. Systems unable to immediately upgrade can alternatively recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS. For now, you should treat every website you have visited as being insecure. We recommend that you generate new passwords for your most critical websites after the vendors have updated their servers. Also, develop a plan on how to respond to your customers.

Here is a list of major services affected including whether or not you need to change your password with them:



Send Us an Email

Fill out my online form.