There’s really two reasons why Reliable was the first call on my list in terms of talking about security and talking about managed services. One is, you always want to have an outside vendor do your SRA’s and penetration testing, so it was a natural fit to get a sense of how working with our IT would be, and it was a natural first step because they could evaluate our systems and our services very objectively without any concern there.

During the time that we’ve actually been working to plan the SRA to get the schedules set up with plans, and Mike, and the guys, we started to have some service issues with our current managed IT services company. Nothing major but enough to start to make me a little bit curious about what other companies are out there that do managed IT.

Those were really the two areas that Mike, Lance, and I have been talking about, first; let’s get this SRA and Pen test done. So that we know what is on fire, what’s high priority, low priority and where we can improve as a company. Moreover, really start to set up an annual method to that was never done before for the company and seemed like an area of risk for the company in general.

Through the experience, the SRA and Pen test it has been extremely positive in terms of the team comes in and they do a professional job, they do a great job of kind of giving you very human feedback on what they see. You can tell that the team is very competent in the areas that they are focused on. The interesting thing is when we went into idea of the security risk assessment and Pen test was, it seems like sometimes people ask for this to be done and they don’t really want to know what the problems are and I’m the exact opposite. I’d rather know all the skeletons in the closet so that we can fix them.

It was great to work with them and I think that at the end of the risk assessment what I liked is we sat down, we had a good meeting about if there was something that was absolutely a risk that day, that they would work through that with us. Then they will put them into categories, high priority, and low priority and provide us a very detailed analysis, which we’re going to work through together.

The other nice thing about the post SRA and Pen test that I appreciate is that the Reliable IT team was very good at talking to me about how I wanted that data to be presented. I’m excited about that piece where we’re going to talk through that and I’ll be able to kind of process and distill the information and then hopefully, act on it quickly to mediate the issue. I think that we’re looking forward to it as much as that’s a weird thing to say about a risk assessment. When most of the time it’s almost a negative thing for companies to think about where they’re not sufficient, but I’d rather find out about it now and address it.