In an effort to help clients comply with Massachusetts 201 CMR 17, we conduct custom tailored audits that evaluate password policies, user access controls, data storage methods and monitoring/reporting abilities. Based on the state’s guidelines, our audits help determine what specific steps need to be taken in order for your firm to to properly secure its personal information.
For example, most small businesses already own technology capable of compliant password and user access policies via Microsoft’s Active Directory. However, our audits have found that some organizations have not sufficiently enabled the security and user access policies native to their network. One area in which many firms fall short is the encryption of email and removable storage devices that contain personal information.
Our 201 CMR 17 compliance audits will provide you with a succinct 2-3 page deliverable that summarizes the current status of your security policies, along with recommendations for remedying any areas where your organization falls short.