logo

 

No matter how secure you think your organization is,
you can always get Stronger.

When it comes to protecting your company’s data and your customers identities from phishing, ransomware and other forms of cybercrime, there’s no such thing as safe enough. Stronger International’s consulting and training programs can help safeguard your company’s most precious asset, your reputation. In a world where identity fraud occurs every two seconds, it’s not a question of if you will be attacked, only when. Remember, risking your data is risking your business. Our security awareness course offerings include onsite, live-remote, and computer-based training options. We also provide risk assessment consulting, security planning, and vulnerability testing at the department, division or enterprise level. Beyond Security Awareness Training we offer a full range of compliance requirement training including HIPAA, PCI, and GLBA. Get trained and get Stronger.

info@stronger.tech
+1 509.290.6598
 

FAQ

Answers to your questions.

Frequently Asked Questions

If your question is not answered below, please feel free to email us at info@stronger.tech or call 509-290-6598.

How old is the company?

Stronger International got its start in 2006 under its original name IT Training Solutions.  The company was originally founded to satisfy a growing need for corporate IT training. Of course, this was before the new threat of state sponsored cybercrime bursted on the International scene and the company adapted to meet a new and unprecedented demand for security awareness and cybercrime prevention. Today the company an internationally respected provider of sensitive, high-risk, cyber security consulting, corporate training and cloud-based educational programs for corporations, education institutions and government/military organizations.

How fast can we have help with Security and or schedule a training?

In the world of Cyber Security, timing can be everything. We can arrange very fast consulting and training to meet a security breach need or an unexpected audit. But planning is key and preparing ahead of an emergency is clearly preferred.

Where are your offices?

Our main office is located at 400 South Jefferson St. #319 Spokane, WA 99204. We have additional satellite offices in CT and FL. Please feel free to contact us to verify the correct place to send packages or information. If you would like to set up a face to face meeting, we welcome you to our headquarters or we can come to your offices.

What kind of consulting do you do? How long does it take and how much does it cost?

Stronger provides a wide range of services in Cyber Security and Compliance that are all geared to helping your organization become Stronger. We have training options that range from a few dollar per employee to several thousand dollars per employee. We create the best solution for your needs and budget. Our 10 step Security assessment will help you identify where to focus. We look forward to helping you create a Stronger Organization through Analyze, Plan, Train and Reinforce. We consult from Penetration Testing to reviewing policies and procedures.

It takes just a brief meeting to get the ball rolling. We can tackle immediate issues and or plan for long-term strategy implementation.

Costs range based on the project.

How do we tell what kind of training is best for our organization?

Stronger starts each client relationship with an analysis of your current security and training methods. This allows everyone to understand the areas of weakness. We have a 10-Step Security Program that helps all organization’s become Stronger. After identifying key areas of weakness, a plan is formulated that will target strengthening core knowledge and skills within the organization. Together we identify weak areas and match courses and training to strengthen those areas.

The FBI just contacted us about our customer records being compromised. Now what?

If you’ve been informed of a breach by the FBI, the best thing you can do is understand what information the FBI has that can assist you, what information you have that the FBI needs and how to share this information in the most effective manner. This knowledge will help the investigation go much smoother.

The FBI investigates both criminal matters (for example, bank robberies) and national security matters (like spies and terrorists). This is unique in  law enforcement agencies and is very important for cyber investigations. Cyber investigations can either be criminal or involve national security. This affects how the FBI learned about your breach. In cyber crime investigations, the FBI may have greater latitude in sharing information with your company. In a national security investigation, the FBI is limited, as a matter of law, as to what they are allowed to share.

FBI Investigations are most often run out of 56 field offices covering every major metropolitan area in the United States.

We have been attacked, our files are locked and they want us to pay. Now what?

Trojan Malware infections and specifically Ransomware are on the rise.

  1. Snap a picture of the ransom screen and turn off your infected computer. Disconnect the computer from the network it is on. This is important because an infected computer can potentially take down other computers on the network.
  2. Alert law enforcement. While they might not be able to help you much, they should still be made aware of the crime.
  3. If you have prepared and have a good security system you can revert to your backups. If you don’t have this, then you need to decide if payment is worth the information on your computer. There is No guarantee that the files will be unencrypted if you pay the ransom. The FBI clearly says to not pay the ransom, but that is an organizational decision. New strains of ransomware are using advanced cryptography, recovering files is nearly impossible without the necessary key.
  4. Call a security specialist like Stronger to help be more prepared for an attack of this or other types of malware in the future.
Do you work with small companies? How small?

Stronger works with all size companies. We have security and training for all size companies from 10 employees to 50,000. We want to work with you where you are at, no matter what your size. Many security firms will not even return calls to smaller companies. We think all organizations can get Stronger.

We want self-paced training. Can you provide it?

We provide over 125 Certification preparation courses that are on a self-paced basis. These classes are less-expensive and provide interactive labs to practice concepts. Please visit our virtual training portal to see the wide range of courses from CISSP to PMP to CompTIA Security+.

shop.ittrianingsolutions.com

We also provide organizational wide customized self-paced training in security and compliance areas. These areas include Security, HIPAA, GLBA, SOX and others. Please look under the training tab for more information on these modular based organizational trainings.

We want to create our training program, can you help us?

We specialize in helping organizations become Stronger. We can help organize and develop a new training program or help you modify and improve the current program you have. We look forward to you contacting our offices to better understand your needs and how we can provide these consulting and training services.

Our board of directors needs educating on cyber crime. Can you come speak to them?

We welcome the opportunity to do high-level executive training on Cyber Crime and Security Risk. We can schedule an onsite or virtual training that will help the executive team better understand their exposure to risk and how that risk can be mitigated and appropriately quantified and reduced.

Please contact us for further information.

We have a specific section dedicated to speaking engagements for both small and large groups.

Do you offer “train the trainer” programs?

Yes, We offer Train the Trainer Programs. We help provide customized instruction for helping reinforce and continue education both when we are onsite and when we will not be onsite. We also help develop curriculum that can be updated regularly to keep pace with the changing environment. This curriculum can be continued with internal staff or external staff.

I am a trainer interested in working with Stronger? How do I send my CV?

We believe that the strength of our team and the people we employ is core to the integrity and mission of our company. We love to meet and employ highly qualified, energetic, professionals in Cyber Security and Compliance.

Please email all CVs and inquiries to info@stronger.tech. We keep information on file and have ever changing needs as we grow.

How often do we have to “retrain” to stay safe from cyber crime?

It is naive to think that training once will create a safe environment. The way we do business has dramatically evolved in the last 20 years. With each new development, we create new opportunities for criminals to take advantage of those who are not vigilant. A Strong Program requires reinforcement and an engaging interactive message. True change is created from the top of leadership and can be extended throughout an organization with planning and focus. The type of organization, industry, network set up, type of job function and amount of regulatory compliance all affect the amount of training and reinforcement that is required to have a strong and secure organization.

We think one of our employees is stealing data, what should we do?

We often focus on preventing external breaches but internal breaches present a significant issue for many organizations. Internal data breaches need to involve the IT team, human resources and the executive team. With concrete information on the data breach an organization can

1. Stop the breach.

2. Understand how the breach occurred

3. Put security in place to prevent future breaches of this sort.

4. Train as to the ethical and legal ramifications, while creating a culture that self monitors and is focused on attracting and keeping excellent, ethical employees.

How can we protect telecommuting employees?

If you have employees who work remotely, you are in good company. Nearly 60% of companies allow remote workers. Telecommuting is a specific part of security related to both access and keeping documents secure.

 

Training: Training is more critical for telecommuting employees because they increase the exposure for a security breach. Lock devices like laptops, smartphones, and tablets when not in use, and require employees to use complex passwords to unlock them. Make it clear that not following the policy could result in losing the privilege of working remotely.

 

A crisis plan: To minimize the impact of a potential security compromise, see that your employees know where to go when something goes wrong. Specify what steps employees should take, in which priority, to try to resolve their issue.

 

Access to resources: Consider setting up a virtual private network (VPN). A VPN encrypts information and Internet traffic and allows you to channel remote users only to where you want them to go. Separating data and using firewalls to help restrict complete network access. For example, your sales team doesn’t need to get into your financial documents and your accountant probably doesn’t need to read about sales leads.

 

Company-issued equipment: What employees do on their own laptops, tablets, and smartphones on their own time is their business. When those devices connect to your network, however, it’s very much your business. To lessen the risk from unauthorized or unmonitored devices, provide company-issued equipment if possible. This allows you to keep up with important upgrades, and security patches. Providing company-issued equipment can also simplify data backup. Using an automated backup service allows you to double up on the protection so that you have one less thing to worry about.

 

How much does your training cost?

Stronger International has a full range of training options to meet individual organization’s price requirements. We specialize in helping consult with IT and information security teams to best optimize their limited budgets and receive the best services and trainings needed. We have modular training which is our most cost effective solution all the way to custom consulting and training onsite. Depending on the needs of your organization will depend on the services and prices.

What does the training program design process look like?

The first stage is to analyze and assess where your organization is at and what services are needed. Often organizations have some areas running smoothly but have missed different areas that are associated with overall security. We have 10 steps to helping make your organization become Stronger. We specialize in training the 8th layer, your employees, and shifting an organization away from believing security is essentially the IT Department’s problem. Security is an essential core part of all healthy organizations.

Can you provide services and or trainings in languages other than English?

aMany of our clients have a global reach and need services in multiple languages. We have security experts and trainers that speak many different languages. We provide onsite trainings in different countries and this often requires training in a language other than English.  Stronger has a modular security training platform that is currently available in 10 different languages including: simplified Chinese, French (EU), French (Quebecois), German, Portuguese (Brazilian) Spanish (International), Italian, Japanese, Korean and Russian. Please contact us, if you have a specific language requirement.

Where can I see your work?

aUnlike a graphic design or marketing firm, we don’t showcase our services or products as easily. Many of our clients are very appreciative of our policy to not showcase names. We have worked with Ivy League Universities, State and Federal Governments of different countries and private company’s ranging from auto manufacturing, finance, medical and technology. We respect your business and privacy and hope you find our services as valuable as our extensive client list.

We’ve discovered a security breach, now what?

1. Discover the cause of the breach. Find the source of the problem before you take steps to attack it. Cyber security specialists can use forensics to analyze traffic and instantly determine the root cause of an event, entirely removing guesswork and problem reproduction from the equation. Effective forensics provide these four key capabilities:

  • Data Capture: Capture all traffic, 24×7, on even the fastest links
  • Network Recording: Store all packets for post-incident, or forensic analysis
  • Search and Inspection: Enable administrators to comb through archived traffic for anomalies and signs of problems
  • Reporting: Through data capture and analysis, results of investigations are logged and network vulnerabilities are reviewed and analyzed post-mortem.

2. Put together a team to respond to the issue. You should consider bringing in a third-party IT professional that specializes in incident response and gap analysis.

  • The data breach happened on your current IT provider’s watch, so they have a vested interest in keeping your business, and may not tell you the whole truth.
  • By bringing in an unbiased, third-party specialist, you can discover exactly what has been accessed and compromised.

3. Communicate with all key stakeholders.

  • Internal (inform employees and involve everyone able to help, i.e. tech specialist, client service managers, PR & communication team, etc.)
  • External (direct mailing to the clients, official media release – and, if necessary, also interview to the profile press). Some industries or certain types of breaches may require reporting to a regulatory body.
How can you help us protect our customers?

Stronger helps train your employees to better understand privacy and how to protect your business and data. We have training and consulting to address each of the areas below. This is a good checklist on Protecting your customer’s information.

1. Protect: Ensure you have effective endpoint, network and email protection that filters out spam, malware and dangerous file types.

2. Train: Train employees to be suspicious of emails, especially those that contain attachments, and to report any unusual emails or attachment behavior to IT.

3. Patch System: Consider a patch assessment tool to ensure your operating system and applications are up to date with the latest security fixes. Most exploit kits can be countered by an available patch that has just not been deployed.

4. Endpoint protection software: Install software and/or deploy other means to achieve a secure web gateway that can identify and block exploit kits before they infect your systems.

5. Firewalls: Crooks want to capture more than just one user’s password and confidential files. They want access to your back-end databases, your patient records, your point of sale network, and your testing network. Consider segregating your networks with next-generation firewalls that treat your internal departments as potentially hostile to each other, rather than having one big “inside” fenced off from the even bigger “outside.”

6. Device control strategy: Identify and control the use of removable storage devices. Not only does this prevent bad stuff getting in, with data loss prevention DLP, but it can also help stop personally identifiable information (PII) and intellectual property (IP) data from going out.

7. Full disk protection: Deploy a full protection program and encrypt sensitive data stored on servers or removable media for sharing with business partners.

8. Application control: Monitor and restrict unnecessary software that reduces security without adding any needed benefit.

9. Data protection policy: Provide guidance for employees on how to keep personal data secure.

10. Cloud Security: If you move to the cloud make sure that the ability to encrypt the data – both in the cloud and also when being transferred – is on your core requirements list.

Do you work with companies outside the United States?

Yes. We work with companies all over the world. We especially can help organizations that have people in multiple countries. This presents it’s own set of unique issues for security and compliance.

 

What kinds of virtual courses do you offer?

xxxxx

Are some industries more at-risk than others for cyber crime?

xxxxx

Do you offer special discounts to nonprofit organizations?

xxxxx

Can you help us draft our security awareness policies and procedures?

xxxxx

Our employees use their own computers and mobile devices is that safe?

xxxxx

We are a HIPAA, GBLA or PCI regulated organization, do you do compliance training?

xxxxx

What’s the difference between live-remote and virtual?

Live remote training is a small group of people taking a course with a live instructor. Each person is enrolled in the same technical course but they are not in the same room. Each logs into a live, small class and has immediate interaction with the instructor and also the other students. These courses normally run every-day for 1 week. It’s the same as a live technical course with the ability to ask immediate questions and be live with all the other students.

Virtual Training is pre-recorded. It can be stopped and started as needed and reviewed over and over. Virtual training can keep the costs lower while providing good training and information.  Many courses run 30-40 hours, have many modules and live interactive labs. They are taken individually and do not have interactions with other students.

 

What kind of specialized compliance training does Stronger do?

Ensuring regulatory compliance can be a complicated and confusing process. Stronger International’s compliance team offers regulation specific audits, compliance requirement training, assistance in policy and governance for specific compliance protocols including. Our main compliance work is in HIPAA, PCI, GLBA, SOX and FERPA.

Contact Us

Contact us. We want to help your organization become Stronger.

Documentation

Check here for cyber security resources and checklists to make your organization Stronger.