Businesses are faced with billions of dollars per year of losses from cybercrime, including downtime from malicious viruses and worms, vandalism from disgruntled employees, liability for privacy breaches, online financial fraud, and theft of trade secrets.  Improving your computer security will reduce these risks and can inspire confidence in customers, regulators, and shareholders.

Montebello Partners can help you meet your business goals and mitigate risks by providing objective security assessment, planning, and architecture services tailored to your needs.  We provide a unique blend of business acumen, security experience, and technology craftsmanship.  The right way to secure information and the right level of security depend on your unique data, processes, threats, and goals.  We specialize in creatively optimizing solutions for your unique situation.

Montebello Partners is comprised of recognized leaders in digital security.  Ames Cornish was a board director for both the bay area chapter of Infragard, an FBI-sponsored cyber-security organization, and for of SVForum, where he founded their Internet Security and Privacy special interest group, and is a Certified Information Systems Security Professional (CISSP).

The first, most important step in improving your security posture and privacy protection is to get an independent, objective review of your situation compared to accepted industry practices.  Montebello Partners provides security reviews including:

  • IT security assessments for cloud services, corporate infrastructure, or software development
  • Network and application penetration testing
  • On-going network vulnerability scanning
  • Software application architecture and code review

Many business are covered by government regulations or contractual obligations that require conformance to generally accepted security practices.  These include financial institutions, health-care providers, and any company doing business in California.  We have specific expertise in reviewing compliance with these standards:

  • Payment Card Industry (PCI) Data Security Standard programs, including VISA USA (CISP), VISA International (AIS), MasterCard (SDP), American Express (DSOP), and DiscoverCard (DISC).
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Gramm-Leach-Bliley Act of 1999 (GLBA)
  • California's privacy breach disclosure law (SB 1386)
  • International code of practice for information security management (ISO/IEC 17799)

Once business objectives and security and privacy gaps have been analyzed, Montebello Partners can help to focus implementation efforts on the most cost-effective and high-payoff areas.  We can provide:

  • Architecture and development of secure web applications
  • Cryptography integration and system design
  • Secure network architecture and implementation (including firewall and VPN)
  • Implementation project management
  • Security and Privacy policy development

Montebello Partners' security expertise spans a wide variety of operating systems, perimeter security technologies, database platforms, application servers, and programming languages.  We have decades of combined experience in security, privacy, and information technology.  Depending upon your needs, we will provide you with a team of experts with backgrounds that may include Global Information Assurance Certification Security Essentials (GIAC/GSEC) certification, VISA certification to perform Customer Information Security Program (CISP) audits, and Certified Information System Security Professional (CISSP) certification.

You can: