S2Score is a comprehensive, risk-based measurement of information security assigned to your company based on a proven and thorough assessment process. Once completed, it will identify critical vulnerabilities, control gaps/ deficiencies, and applicable threats to the security of your organization.
WHY IS AN S2Score IMPORTANT?
ADMINISTRATIVE CONTROLS are sometimes referred to as the “human” part of information security. They are controls used to govern other parts of information security. Common administrative controls include policies, awareness training, guidelines, standards, and procedures.
PHYSICAL CONTROLS are the security controls that can often be touched and provide physical security to protect your information assets. Common physical controls include doors, locks, camera surveillance, and alarm systems.
INTERNAL TECHNICAL CONTROLS are the controls that are technical in nature and used within your organization’s technical domain (inside the gateways or firewalls). Internal technical controls include things such as firewalls, intrusion prevention systems, anti-virus software, and mobile device management (MDM).
EXTERNAL TECHNICAL CONTROLS are technical in nature and are used to protect outside access to your organi-zation’s technical domain (outside the gateways or firewalls). External technical controls consist of search engine indexes, social media, DNS, port scanning, and vulnerability scanning.
WHO NEEDS AN S2Score?
Every organization, big or small, should be aware of their most significant information security risks. S2Score will identify and address your organization’s risks through a standardized, consistent and efficient process. This enables all members of your organization to quickly and confidently understand and quantify risks.