Services We Excel At

Compliance and Cyber Security

ecfirst is a leader with rich hands-on experience delivering Information Technology (IT) and Regulatory Compliance solutions. ecfirst specializes in bringing you exceptional value with its full suite of services that include compliance and cyber security solutions.

Risk Analysis Solutions
Vulnerability Assessment & Penetration Testing
Penetration Testing
BIA & IT Disaster Recovery Plan
ISO 27000 Solutions
PCI DSS Solutions
On-Demand Compliance Solutions
Health IT Services
Managed Cybersecurity Services Program (MCSP)
Edit & Go™ Policy Templates
Enterprise Information (System) Security Plan
Training & Certification
Information Security Staffing Program

Application Development

ecfirst provides application development services across a host of platforms. Clients can choose their preferred engagement model which ranges from consultants to augment their projects to ecfirst taking complete responsibility for development and delivery of the finished application. Whatever the preference, ecfirst can help. Regardless of how we are engaged, we stand by our people. Recruiting only the best and the brightest, our great people equipped with the proper tools and training working with valued clients yields positive results. Some of the technologies that ecfirst uses in application development include:

Java / J2EE
.NET framework
Visual Basic/ASP/COM
Cobol
RPG for AS400
SQL Server
Oracle and Oracle Forms
Informatica ETL
Business Objects / Crystal Reports
Sybase / PowerBuilder
Teradata
Storage Device Operating Systems
Storage Device Testing
Architects

Project Management

ecfirst believes successful project management is the result of having successful project managers. At ecfirst, our project managers are the best in the business. They are the best in the business due to three key factors ecfirst is focused on: Hire and retain the best project managers, equip them with the best possible training and tools, and provide them the best possible project opportunities.

Our hiring process is rigorous and expects candidates to be skilled and experienced in project management. Typically, a candidate must successfully complete two internal ecfirst interviews and an interview with the prospective client manager. In addition to the typical reference checking and background review, ecfirst hones in on the candidate’s past record of achievement, looking specifically for success in demanding project environments. A PM starting with ecfirst is one that has a consistent record of project success in the past.

Once we have hired the PM, we ensure they are equipped with all necessary training and tools to be successful for our clients. Most of our project managers are Project Management Professional (PMP) certified. If they are not, ecfirst invests in such training in order for the PM to become certified. ecfirst provides on-going training in project management subjects where needed, and hosts internal ecfirst meetings at least quarterly. In these gatherings, project management best practices are discussed, and general PM networking takes place, to ensure a continuous learning environment across the ecfirst PM practice.

With the right candidate possessing the right skills and experience, ecfirst’s PM practice matches that professional with the right project opportunity. In each ecfirst market, we possess on-going business relationships with key companies there, who tend to be industry leaders in the projects that they undertake. As such, an ecfirst PM can expect to lead major, strategic projects for our clients, and have the opportunity to shine where it matters. ecfirst is proud of its project management practice.

Business Requirements / Analysis

ecfirst’s Project Management and Business Analyst practice has experienced consultants that can help you define your project requirements. Whether these requirements are extremely technical or more functional, our consultants are trained to take a disciplined approach. The consultants in this practice have experience using different methodologies and different tools depending on the specific client. The common denominator is that ecfirst analysts are great at seeking a deep understanding of requirements.

Quality Assurance and Testing

ecfirst’s Quality Assurance practice has experienced consultants that can help you define your project requirements. Whether these requirements are extremely technical or more functional, our consultants are trained to take a disciplined approach. The consultants in this practice have experience using different methodologies and different tools depending on the specific client environment. The common denominator is that ecfirst Q.A. experts are great at seeking a deep understanding of requirements and helping you achieve your business objectives.

Systems Integration

Most businesses have many systems that need to work with one another. These systems could be a mix of package software and custom software. Usually, making them work in concert is a key component to an efficiency project. ecfirst has the expertise to help you make your systems work together. From legacy systems to web-based applications, our people have the skills to help your organization.

Compliance and Achieving

Merely having a written retention policy is not enough. Through the continual effort of your IT department along with your compliance office or Auditing firm, you must not only design and implement a formal retention policy and program, but you must constantly monitor the results, taking valuable time from your IT department staff members. Corporations have been made much more accountable for providing critical legal information since the landmark Zabalake case.

In 2004, less than 35% of all corporations in the US have a formal email (or other document) retention policy. Corporations are required to have a records management policy and program that covers ALL documents, records, files, and emails.

ecfirst can help you and your staff understand the terminology and techniques used in the analysis of data for Compliance purposes along with your Compliance Officer, ecfirst can help you understand the risks involved from technology point of view. Lastly, we can help you identify and categorize key technology issues related to data retention policies, and how it will affect your business.

ecfirst has deep experience with several regulations including Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act (HIPAA),Minimum Acceptable Risk Standards for Exchanges – Exchange Reference Architecture Supplement (MARS-E), North America Electric Reliability Council (NERC) and the Federal Information Security Management Act (FISMA ecfirst can assist your initiatives in compliance and security.

Disaster Recovery

A BIA is a critical step in contingency planning. The critical steps for a BIA include the need to:

Identify business disruption events and measure probabilities
Identify critical business functions
Identify critical computer resources that support key business functions
Identify disruption impacts and allowable outage times
Develop recovery priorities

**Our bizSHIELD^tm Methodology**

The Seven Steps to Enterprise Security™ is a methodology that describes a road-map to safeguard sensitive business information and enterprise vital assets. This methodology is also referred to as bizSHIELD^tm. bizSHIELD^tm has also been influenced by the domains defined in the ISO 27000 security standards as well as the NIST security frameworks.

The bizSHIELD^tm methodology delivers confidentiality, integrity and availability (CIA) of your vital information and business assets. This methodology provides the blueprint for defending today’s enterprise. The Seven Steps methodology provides the framework for addressing contingency requirements.

The bizSHIELD^tm security methodology identifies seven critical steps for an organization to follow as a twelve-month framework for organizing and prioritizing enterprise security initiatives.

Our Professional Team

ecfirst only engages credentialed professionals for its BIA engagements. Credentials such as CISSP, CSCS™ and CBCP are typical of ecfirst Teams assigned to client engagements.

Your Commitment To Us

Interviews with key members of IT staff, key individuals in departments and management.
Copies of IT system and network documentation including policies and procedures and inventory of vital assets such as servers and applications.

Our Deliverable To You

A bizSHIELD^tm Business Impact Analysis (BIA) document will be created based on our review and analysis of information collected from your organization.
This bizSHIELD^tm Business Impact Analysis (BIA) Report will include information in the following areas:

Business Risk Assessment
- Key business processes identification
- Time-bands for business service interruption management
- Financial and operational impact
Key Sensitive Systems and Applications Summary
Emergency Incident Assessment
- BIA process control summary for emergency incident assessment
- Serious information security incidents
- Environmental disasters
- Organized and/or deliberate disruption
- Loss of utilities and services
- Equipment or system failure
- Other emergency situations

Internet / Extranet

ecfirst sees the Web as a powerful tool for adding efficiency and scale to certain functions within a company. The skill required to build business applications on the internet are much different than those needed to create basic sites. Experts in our Development Center have the knowledge and technical skills to deliver high impact Web applications for your business.