We are grateful to you for your interest in Drummond and our services. We have been busy this fall and are excited to share with you the latest on our service offerings and how we help our you achieve compliance, ensure application interoperability, and protect what matters most.
We understand there’s a tremendous amount at stake and want to help you go beyond compliance. Our industry-leading experts come with innovative methodologies and processes that demystify compliance, mitigate risk, increase peace of mind, and help improve outcomes.
Contact us with your questions on compliance, interoperability, security, or assurance services. We’re here to help!
The Drummond Team
Meet Lares, The Newest Member of the Drummond Family
Lares has joined Drummond because of their dedication to advancing cybersecurity capabilities beyond the baseline set by compliance standards. Recognized as one of the top 10 Healthcare Security Consulting Services company in 2019, Lares uses a unique combination of advisory, testing, and coaching services for cybersecurity best practices that feature “continuous defensive improvement through adversarial simulation and collaboration”. If you are interested in building and sustaining a resilient environment to withstand attacks by casual or motivated attackers, as well as making informed decisions about your security programs to effectively secure what matters most to your organization, we have the experts for you!
Top Five Penetration Test Discoveries in 2019
In the first half of 2019, Lares analyzed the findings from 50 engagements and found they share common configuration issues that can be easily resolved.
After conducting these penetration and red team tests, Lares encountered a seemingly endless number of vulnerabilities, regardless of organization size or maturity. Through this analysis, Lares documented its findings on the most frequently observed penetration weaknesses from 1H2019.
These top five findings were in “95 percent of the tests” and shared exclusively with Infosecurity:
- Brute forcing accounts with weak and guessable passwords
- Excessive file system permissions
- Windows Management Instrumentation (WMI) lateral movement
Contact Lares for more information or download its detailed findings in this free report.
EPCS Certification Protects What Matters Most
Electronic prescribing of controlled substances (EPCS) has mandates at the federal and state levels governed by the DEA to reduce the potential for diversion, and subsequent abuse of controlled substances. Whether you are an EHR application provider, have a pharmacy application, integrate to a third party for e-prescribing functionality, or are updating to the new NCPDP 2017071 SCRIPT by January 1, 2020 — the DEA requires you to be EPCS certified. No matter what your organization’s status may be, we are ready to help you.
As a premier EPCS certification service provider, Drummond helps our clients obtain EPCS certification in accordance with the DEA regulations. States that mandate this today include New York, Maine, Connecticut and Pennsylvania. By 2020, up to an estimated 25 states will mandate EPCS certification.
Take a security-first approach to EPCS certification. Our strategic partner, Lares, offers a special 1-day Cybersecurity Assessment Workshop to help protect what matters most.
For more information on our EPCS Certification Services click here.
Maintaining full compliance with PCI DSS doesn’t have to be a stretch.
With global payment card industry (PCI) compliance levels dropping to the lowest the industry has seen since 2013, it’s apparent that the challenge facing organizations is SUSTAINABILITY. Drummond has the best plan and the best people to help you not only achieve full compliance with PCI DSS, but maintain it for years to come.
With one of the longest-running PCI compliance practices in the industry, Drummond is ready to help you protect payment card data, ensure compliance, and avoid data breaches.
We can help you with any aspect of your PCI compliance journey from full PCI assessments and Interim assessments, to PCI penetration testing and Gap assessments. We’ll also evaluate the efficiency and effectiveness of your PCI Compliance program and ensure that your operational, reporting, and compliance objectives are being met not just on paper, but through the proper maintenance of internal controls.
Let Drummond help you with:
- PCI Assessment Service
- PCI DSS Gap Analysis Service
- PCI SAQ Advisory Service
- PCI QSA General Consulting
- PCI PA DSS Assessment
- PCI Continuous Compliance Service
- PCI Penetration Testing
Schedule a call today with one of our PCI experts to discuss your company’s needs and take advantage of our year-end promotion of 15% off any PCI service purchased and scheduled prior to December 20th, 2019.
Looking for more information? Download the Drummond PCI datasheet.
Would you like the Drummond newsletter delivered to your inbox? Subscribe here »