Are you confident your IT partner is perfectly managing every area and practice of cybersecurity to keep your business as safe as possible from cyber attack and damages? Use this self-assessment to evaluate your current program. If you cannot confidently check off each item below, it may be time for a new IT partner. At Pearl Solutions Group, we follow the National Institute of Standards and Technology (NIST) framework and align your cybersecurity strategy with corporate objectives that meet compliance standards and meet your budget. Submit your name and email and we will be in touch to offer you a FREE assessment and report that will show you opportunities to better protect your business.


1. We maintain an inventory of all workstations, servers, and network equipment and we have implemented a sustainable hardware refresh cycle.
2. We utilize an incident ticketing system; we provide our management team with regular response and resolution time reports and the results of those reports are meeting the organization's expectations.
3. Our wireless network prevents guests from accessing our internal network and employees have unique usernames and passwords assigned for wireless access.
4. Our office locations utilize redundant internet service provider connections, and our firewall or router automatically swaps connections in the event of an outage.
5. Our servers and network equipment are protected with uninterruptible power supply units that maintain a minimum of 10 minutes runtime and automatically power down servers hosting critical data.


1. I am confident that we have the proper cybersecurity software deployed to protect personal and corporate data from attacks such as phishing and ransomware.
2. We engage with all organization employees and properly train them to identify ransomware, phishing and social engineering attacks coming from email, text message and web sites.
3. All organization IT systems and devices that contain PII or sensitive company information are encrypted to protect against loss or left.
4. We use single sign on and two-factor authentication across all critical line of business applications such as Office 365, our ERP system and remote access.
5. The level of cybersecurity insurance carried by our business is adequate to protect our organization and our clients from financial loss.


1. We apply regular server and workstation security patches and updates across our technology infrastructure.
2. We have a properly segmented corporate network (meaning workstations, servers, phones and guests are kept in separate logical networks).
3. We perform a regular network vulnerability scan and have archived all historical scan data for reporting and compliance purposes.
4. We have a written information security policy (WISP) that has been agreed to by all employees.
5. We are meeting all state and federal compliance requirements such as HIPAA, PCI DSS, and FINRA and we are confident we would pass an audit.

Backup & Disaster Recovery

1. We proactively monitor our server and cloud infrastructure for failures and performance issues so that business affecting problems can be prevented.
2. We regularly review our backup strategy, and we adhere to a documented process for backup frequency, retention and location.
3. We perform regular backup recovery testing, and we have a clear time objective for restoring critical systems and data.
4. Along with our management team, we understand how our technology infrastructure supports our key business processes and we have calculated our costs of technology infrastructure downtime.
5. We have a well-defined disaster response team with clearly defined roles, responsibilities and communication protocols.