Agio provides managed IT and cybersecurity services to firms at every stage, including technology hosting, monitoring, management, disaster prevention and recovery, managed security, cybersecurity consulting, and other high-end services.
Agio Infrastructure Gap Analysis provides a definitive analysis of your current IT environment, business needs and the technologies and services available to bridge current and future gaps. Through our extensive discovery process, we identify current risks and limitations, and create a strategic plan, which ensures scalable growth. ×
Server & Storage Consolidation
Agio Server & Storage Consolidation identifies areas of consolidation, enabling you to retire unneeded hardware and gain advantages in flexibility, scalability and data center automation. Our team assesses your existing environment to develop a detailed consolidation strategy designed specifically to meet your objectives. This comprehensive plan will help:
Simplify your infrastructure and increase flexibility by reducing the number of physical devices
Reduce operating costs by lowering space, energy, maintenance and management expenses
Increase availability as resources are consolidated into high-availability solutions, minimizing downtime and improving performance
Agio Security Assessments comprise a comprehensive suite of compliance and IT security assessments, designed to provide you with confidence and knowledge about your security and compliance posture in a world of rising regulation and evolving threats. Through a variety of engagements, grounded in industry best practices and honed by years of experience, we can assist you with:
Assessing, understanding and managing your risk with respect to valued data assets
Assuring compliance with regulatory and institutional investor requirements
Revealing, classifying and mitigating real vulnerabilities through extensive penetration testing
Delivering a gap analysis of your security program, policies and systems against industry best practices and relevant compliance standards
Managing the IT Security component of your compliance initiatives
Developing a strategic plan of action to remedy compliance gaps and security vulnerabilities
Providing a Governance and Risk Compliance Program to ensure compliance and security posture is maintained
Agio’s Data Center Migration service is a strategic initiative, which can increase business agility, reduce total cost of ownership (TCO), meet regulatory and institutional investor requirements, and provide for future growth. Your data center is the mission-critical service delivery platform for your firm, and migration of the data center is a complex, large-scale change management effort, which imposes significant investment and risk. A successful data center migration should address business, architectural and operational challenges across the entire IT stack. Our team assesses the migration risks across business applications, dependent upon your technology infrastructure such as server, storage and networks. We also consider the complexities and nuances of your particular business environment to determine which applications are truly cloud-ready. Agio then creates a detailed plan, unique to your firm, allowing you to:
Create an effective strategy allowing for future growth
Reduce operating costs by lowering space, energy, maintenance and management expenses
Increase availability as resources are consolidated into high-availability solutions, minimizing downtime and improving performance
Colocation is an excellent solution for any firm that wants to use their own servers, but does not want to invest in a data center infrastructure. Agio’s Colocation service allows you to save money and avoid outages using a secure environment with the added flexibility of having complete control over your own servers and software. In addition, with managed colocation, we also manage and maintain your servers, helping you to have a dependable and efficient environment, without having to retain your own dedicated IT staff.
Agio Private Cloud
By providing instant access to a vast pool of computing resources, we ensure our private cloud infrastructure is customized to your needs. Agio utilizes dynamic virtual servers to replace conventional, dedicated or managed hardware to offer efficient, on-demand, scalable cloud computing. Utilizing our virtual servers, firms of any size can benefit from enterprise-class security, redundancy and performance with the convenience of Agio’s flexible, service-oriented model. The Agio Private Cloud also provides:
Secure private hosting, including encrypted data transmission and storage, based on proven best practices. We ensure any data that is created, processed, transmitted or stored by your firm maintains appropriate confidentiality, integrity and availability.
Full compliance with the SSAE 16 SOC Type 1 and 2 standards.
Dedicated IT staff, providing 24X7X365 support.
Agio Managed Public Cloud
Amazon Web Services (AWS) is a highly optimized cloud infrastructure that allows you to take advantage of a dynamic environment without you having to provide the infrastructure. The downside is that this is where the service ends. With AWS you are required to manage and maintain your cloud environment, including all of the complexity and time involved. To meet this need, Agio offers a full service cloud management offering, partnering with Amazon Web Services and their infrastructure. Agio takes care of everything from the implementation and migration of your environment to ongoing support. In the ever-evolving world of AWS, we can help you save time and operating costs by taking advantage of Agio’s expertise in implementing and managing AWS solutions.
Agio’s comprehensive suite of hosted messaging and compliance services is specifically engineered to offer clients high-performance, fully managed solutions, providing you enterprise-class E-Mail, compliance archiving, eDiscovery, mobile device support, and security. Our solution includes hosted secure E-Mail with 99.99% uptime guarantee, message encryption, mobile device support, compliance archiving covering E-Mail, Instant Messaging (IM), Bloomberg, SMS, and social media. We work with best-in-class partners, including Intermedia, Intel Security, Global Relay, and Smarsh. ×
Our Voice Solution offers robust calling features, greater mobility for remote users who only need the Internet to connect, and greater flexibility for organizations needing to move offices, open new locations or staff dynamically. Our Voice Solution enables your staff to be more efficient and productive. ×
We understand how critical system continuity is during a disaster, and we are there every step of the way to ensure the seamless and successful execution of your Disaster Recovery process. Additionally, hosting and managing your physical and virtual environment off-site reduces your infrastructure demands and associated costs, while ensuring reliable and predictable outcomes. Agio’s Disaster Recovery solution provides high availability for crucial systems by replicating mission critical data to a remote, fully redundant data center geographically isolated from your primary location. Accessible by an Internet connection, you have convenient, fast and reliable access to your essential applications, including trading systems. Most importantly, Agio manages and executes the failover from production to DR, and back to production to ensure your data is correctly synced between environments.
Whether today, tomorrow or next week, the unfortunate odds are your hardware will fail or your users will accidentally delete data. Recovering your data can be extremely costly, and full recovery without a backup solution isn’t always possible. With Agio’s fully automated Backup Solution, we seamlessly backup, protect and recover your critical data. We replace tape backup systems with an enterprise-level solution, which includes advanced encryption, off-site redundancy, online access, data protection and restoration. We store your most current data on-site for quick recovery, and all of your data is stored at two additional geographically dispersed locations. Finally, our advanced data de-duplication reduces the amount of physical data backed up, creating a cost-efficient solution by reducing network utilization.
Through our onsite desktop support service, your dedicated onsite Agio resource can leverage the entire multi-disciplinary knowledge of Agio’s Client Services network to fix your issues by your side. Our On-Site End-User Support comes with Agio employees, who embody Agio’s commitment to excellence and superior customer service. However, we understand each firm and every environment is different. That’s why we partner with you to help manage our resource to embody your values, as well as our own. ×
Remote End-User Support
Remote End-User Support is dedicated to keeping you up and running at all times. We offer unlimited, 24x7x365 access to our dedicated team of experienced support professionals, in combination with Agio’s unique Enterprise Service Platform (ESP), to ensure each incident is given priority and resolved in a timely manner. With years of alternative fund-specific experience, and access to a centralized solution repository for best practices, Agio engineers are trained to effectively and efficiently resolve any IT issue you may encounter or support question you may have. By leveraging Agio’s highly qualified and certified technical staff, recruiting, training, and fulfillment of IT resources become a thing of the past. You can now concentrate on your business, not your help desk. ×
Agio’s Data Governance program offers a repeatable access control, ensuring all access requests are approved by your appropriate business owners and recorded for audit controls. With a data analysis and certification framework to review and approve access on a recurring basis, we ensure your users only have access to the appropriate systems required. Additionally, Agio offers a structured, repeatable process to manage new hires, transfers and terminations. ×
Agio Monitoring System (AMS)
AMS is the industry’s first monitoring application to integrate security (SIEM), performance, availability and monitoring in a single application. We monitor devices, users and applications across the entire IT infrastructure – on premise, in the cloud or a hybrid model – from a single pane of glass. By combining security, performance and availability with monitoring via powerful real-time analytics, AMS identifies security incidents and operational-impacting problems more rapidly, to keep your business running with minimal disruptions.
Leveraging AMS, our service offers five distinct benefits over traditional monitoring solutions:
CROSS-DOMAIN VISIBILITY | AMS spans server, storage, network, virtualization, databases and applications to automatically cross-correlate metrics in real time, all the while weaving a sophisticated security event management service throughout the entire solution.
BUSINESS SERVICE MANAGEMENT | AMS provides an automated and scalable means to define business services, associated applications and infrastructure resources, understand dependencies, monitor key performance indicators and proactively monitor delivery of the business service
ROOT-CAUSE ANALYSIS | AMS is able to rapidly isolate, in real-time, the root cause of security and network issues, which is especially valuable in virtualized environments
CONFIGURATION MANAGEMENT DATABASE (CMDB) | AMS auto discovers and populates CMDB for server, storage, network, VMs, applications and end users, providing a complete repository of all components across the environment, as well as full auditing and reporting of configuration changes and patching
SCALABILITY | A single instance of AMS can monitor applications in data centers, private or public clouds, and remote offices
With our 24x7x365 Management Service, we manage your environment to actively reduce downtime through detection and remediation. From data collection, trending and capacity planning, to deploying changes to servers, troubleshooting and monitoring performance, Agio ensures your environment is in a healthy state, and stays that way. Furthermore, our infrastructure management platform can be accessed by our service experts from anywhere, at any time, so there is never a single point of failure in terms of our systems or people. As an Agio client, you too have access to the AMS platform, offering a transparent view into what’s happening in your environment at all times.
By providing a managed and controlled environment with full reporting and accountability, our support model reduces your costs, while increasing end-user productivity. We offer four levels of monitoring and management:
LEVEL 0 MONITORING | Basic monitoring with escalation to client for all alerts. Agio provides the monitoring tools and resources, but all corrective action is completed by the client.
LEVEL 1 MANAGEMENT | Includes basic monitoring with additional responsibilities to carry out remedial actions as outlined and documented by the client. Examples are restarting services or rebooting a system.
LEVEL 2 MANAGEMENT | Includes Level 1 support with additional responsibilities to provide full system administration, problem remediation, proactive root cause analysis, capacity planning, and system patching and updating.
LEVEL 3 MANAGEMENT | Includes Level 2 support, and additional responsibility to provide engineering, such as architecture and design of new technology platforms, in collaboration with the client’s business or technology teams.
Agio’s SkySuite is fully integrated with Agio’s remote and on-site support to provide a single point of contact to meet your needs. We offer unlimited, 24x7x365 access to our dedicated team of experienced support professionals, in combination with Agio’s unique Enterprise Service Platform (ESP), to ensure each incident is given priority and resolved in a timely manner. With years of alternative fund-specific experience, and access to a centralized solution repository for best practices, Agio engineers are trained to effectively and efficiently resolve any IT issue you may encounter, or support question you may have. ×
Agio is so confident in our superior service model, we pledge it with a no excuses guarantee. For every month Agio fails to meet a service commitment to a client, we credit the customer with an additional month of service at no charge. End of story. ×
Zero Startup Costs
Starting a new fund can require significant capital outlays, but Agio believes having a world-class IT package need not be one of them. Only Agio offers emerging funds a zero startup cost option. With our no-guess-work, metric based service model you can easily predict your service costs and plan for future growth. No hidden surprises. Plus, we’re not concerned with long-term contracts, as we are fully committed to ensuring you’re extremely happy with the service you receive. ×
No matter how fast you grow, or how operationally complex your firm becomes, Agio SkySuite’s technology environment can scale up as quickly and seamlessly as your fund, without any interruption or the risks involved in having to change IT providers. Founded by senior technologists servicing many of the premier investment advisory firms, Agio has the people, processes and tools to provide an exceptional end-user experience from day one. ×
Up-and-Running in 30 Days
A newly formed fund founded by former investment banking professionals and utilizing a research driven strategy, required a cost effective, enterprise level infrastructure – and fast. The fund turned to Agio to provide recommendations for and implementation of a right-sized solution. By leveraging the Agio SkySuite framework, we were able to provide messaging, compliance, remote monitoring and management, and business continuity services, as well as the physical infrastructure, all for roughly half the average salary for a mid-level engineer. Best of all, we had them up and running in 30 days. ×
Doubled Their Coverage – Same Price
A growing firm, specializing in providing a platform for quantitative and analytical support, outgrew their existing support provider. As the firm reached an inflection point in their growth, they felt constrained by a lack of proactive outreach and creative problem solving in their existing relationship. Agio proposed an implementation focused on streamlining the firm’s processes and expanding both coverage and scope of support. By partnering with Agio, this firm was able to immediately reduce their costs associated with their hosted infrastructure environment, and then reinvest the savings into custom application development. The streamlined design increased system capability, and relieved the firm’s staff of many maintenance related tasks. The firm was able to refocus their valuable resources to developing future improvements to the firm’s platform.
By partnering with Agio, this firm was able to reduce the foot print of their hosted environment and increase end user satisfaction. ×
80 Hedge Funds Supported Daily
The Global Investment Bank’s Prime Brokerage Division (PB) contracted Agio to provide infrastructure and application support to their hedge fund clients based in the U.S. and EMEA. In July 2010, Agio took over the services and is currently providing support to PB's 80 hedge fund "tenant" clients, as well as over 600 of their hedge fund prime brokerage clients. Agio was required to meet the rigorous and demanding set of service level agreements and governance provisions of a global bank. After over a year of service, Agio has successfully met and/or exceeded every measurement and provision agreed between the two firms. ×
$8B Fund Improves Support with 22% Cost Savings
Agio joined forces with Point72, formerly SAC Capital Advisors, to collect intelligence that would effectively create a high-end technology infrastructure and application management services fulfilling their high expectations of service and solutions. From the beginning, Agio took over service desk management, managed and monitored IT infrastructure, managed databases and provided detailed governance services. Point72 also took advantage of Agio’s Application Services including QA resources, Application Support, Configuration Management, Application Development and Trade Floor Support. ×
Database Administration involves many different facets to make sure your systems are kept up-and-running, efficient and high performing. Agio Database Administration includes real-time 24x7x365 database monitoring and problem resolution. But we don't stop there; our dedicated database administration (DBA) team monitors alerts and responds to threshold, latency and job errors, while managing your databases and assisting your team with changes, space utilization, and security. Our DBA service includes:
Data Protection & Availability | We protect your data by ensuring your databases are backed up properly, as well as replicating them on a routine basis.
Performance | Agio has developed a comprehensive framework of tuning and housekeeping parameters to maintain your database environment in optimal condition.
Security & Best Practices | We make sure that your database security measures are up-to-date, keeping track of and managing changes for you, including the installation of security patches. We also implement best practices in terms of account management, roles, access permissions, and log reviews. All of our database operations are fully audited for complete transparency.
Capacity | Disk space management is crucial to avoiding application failure and data corruption. We closely monitor and report on capacity parameters on a daily basis in order to identify potential issues before they occur.
Problem Resolution | In addition to our database specialists, we have in-house networking and server specialists on-hand to identify and resolve issues. Even if the source of the issue is not clear-cut between network, operating system or database, we own the problem right through to the resolution.
Multi-Platform Support | We support a variety of platforms, including Microsoft SQL Server, Sybase, Windows and Unix.
Why It's Different
At Agio, we don't depend on out-of-the-box tools. As with many of our other service offerings, we developed a custom tool, called Agio Admin, which provides us with an inside look into your database environment, capturing up to seven days of information. Why is this special? When a problem does arise in your environment, we are able to go back in time to see what led to the issue, essentially reading a database environment like a history book. The more data that's available, the quicker the resolution. A speedy resolution means less downtime for you. And the best part? Unlike many expensive software packages on the market, we include Agio Admin as part of our overall Database Administration (DBA) service.
Amazing tools are only part of the equation. People and experience make up the difference. At Agio, we have seven dedicated DBA members on staff with 40+ years of combined experience, focused solely on administering database environments. This focus allows them to master their database expertise and focus on the task at hand, guaranteeing that you have a stellar team working to make your environment as highly optimized and efficient as possible.
Since the beginning of 2014 alone, the following large security breaches have hit national and international news, costing millions of dollars and taking many jobs along with them:
Security Breach at Target
Day-to-day management of security controls is crucial. Failure to detect and recognize malicious activity in your environment places your organization’s data and reputation at risk. Other risks include:
Intellectual Property Loss
Compliance & Audit Failure
By providing a managed and controlled environment with full reporting and accountability, Agio’s 24x7x365 Managed Security service proactively manages your environment to reduce security threats through detection, response, and remediation.
Agio Managed Security provides these key benefits:
PROTECTION AGAINST ADVANCED EVASION TECHNIQUES | We provide defense against a new class of sophisticated evasion techniques, even when they are applied on multiple protocol levels, increasing your protection against advanced persistent threats and other undesirable traffic.
SECURITY INFORMATION & EVENT MANAGEMENT | Agio Managed Security uses a discovery-driven approach that prevents future security blind spots and adds user, application, and business service context to events. We provide unparalleled threat monitoring, prioritization and mitigation responses leveraging data from all relevant sources.
SYSTEM VULNERABILITY & PATCH MANAGEMENT | The automated service scans network assets for vulnerabilities and configuration consistency on a daily basis. This process clearly identifies potential areas of exploitation and increased security risks.
SECURITY ADVISOR & TRUSTED PARTNER | We offer additional service offerings related to industry threat trending, business vertical security intelligence reports, and recommendations on reducing risk based on this information.
SECURITY INFRASTRUCTURE LIFE CYCLE MANAGEMENT | The Agio Security Operations Center (SOC) provides a structured, compliant and comprehensive approach to maintaining security device health and efficacy. To increase the effectiveness of this requirement, Agio has developed compliance-driven processes and procedures.
Managed Security becomes an even more amazing tool when combined with two of Agio's existing platforms: Agio Monitoring System (AMS) and Agio Enterprise Service Platform (ESP).
Agio Enterprise Service Platform (ESP) utilizes a scriptable heuristic algorithm, advanced data mining techniques and predictive analytics to auto-prioritize our clients' open tickets. This tool enables Agio to more swiftly and effectively resolve issues in your environment without anything falling through the cracks.
Agio Monitoring System (AMS) is a customized monitoring application designed to integrate security information, event management, performance, availability and monitoring in a single application. The AMS platform acts as a single pane of glass, offering a transparent view into what’s happening in your environment at all times.
By combining security, performance and availability with monitoring via powerful real-time analytics, AMS and ESP identify security incidents and operational issues rapidly, keeping your business running with minimal disruptions.
Our Managed Security service offers unique features you can't find anywhere else:
Our approach is focused on protecting your data, not just securing the perimeter. In other words, we secure your environment from the inside out.
We monitor and manage confidentiality, availability, and performance across all platforms while continuously managing vulnerabilities.
Agio Managed Security ensures your firm’s compliance with your own internal security policies, a feature we call Configuration Monitoring.
We draw from our experience as security professionals, leveraging technology and partnering with your team to protect your data. In the security arena, deep expertise is more than just knowledge; it is equivalent to having intuition. It can make the difference between recognizing patterns and overlooking them. A quick glance into our expertise:
20+ years dedicated security experience with seasoned experts
Agio Managed Backup is designed to back up and recover your data from anywhere, at any time. Your most current data is stored on site for quick recovery, and all your data is further protected at two highly secure, geographically dispersed data centers located in Allentown, PA, and Seattle, WA. What’s more, our advanced data deduplication process reduces the amount of physical data backed up, creating a cost-efficient solution for you by reducing network utilization. This enables seamless back up, protection, and recovery of your critical data, while reducing costs and meeting today’s demands for speed, efficiency, and scalability.
When it comes to backing up your data, recovery is everything. When something goes wrong, all you care about is getting your data back—now. Two important processes help us achieve 100% recovery peace of mind for our clients:
This unique feature guarantees data integrity with absolutely no corruption, for successful restores every time. Autonomic Healing continuously monitors the backup repository for data corruption; if corrupt data is found, it corrects it, removes it, or reports that a correction is needed. Beyond just checking file headers and links, Autonomic Healing goes even further, verifying the logical validity of data, such as invalid names, name duplication, ID duplication, potential reconstruction failure, consistency, etc.
We ensure data is restorable by simulating real recoveries without actually writing the restored data. Simulated recoveries are run in the DS-System memory, which is flushed once the process is complete. What’s more, we use digital-signature-based validation to ensure file integrity.
Finally, Agio Managed Backup offers the flexibility of customizing your recovery time for certain blocks of data, which comes in handy when we're talking about your mission-critical application data. Depending on your Recovery Time Objective (RTO), we offer two optional features:
Continuous Data Protection (CDP) can be selected for specific backup sets to guarantee you are up and running quickly with minimal data loss.
Agio's DR Platform replicates your data in real time, which we can snapshot to provide complete recovery in minutes, instead of hours.
Traditional backup and recovery can be messy, but Agio Managed Backup allows you to set it and forget it. We simplify the installation process and ongoing maintenance with our agentless architecture, eliminating downtime, disruption, and complexity. But it’s called Managed Backup for a reason—we do the work. We monitor your backups 24x7x365 with Agio Monitoring System (AMS); if a job fails, Agio’s proprietary Enterprise Service Platform (ESP) flags it to our team for remediation. We understand, however, with responsibility comes the need for transparency. Agio Managed Backup offers you full access to an easy-to-manage, centralized, unified view of your systems, users, and devices—even when data is backed up in silos across your environment. So no matter how complex your disaster recovery and business continuity strategies are, we’ve got you covered. ×
Security & Compliance
In today’s world of constantly evolving cybersecurity threats, a service is only as good as its security. With Agio Managed Backup, your data is protected, twice over. Not only is your data backed up to Agio’s secure private cloud, but our cloud is further shielded by Agio Managed Security, a 24x7x365 service dedicated to providing 360° security. Even if you experience a hack in your environment, your data is 100% protected in our network. What’s more, our agentless architecture actually enhances the security of your overall environment. By going agentless, you no longer have to rely on agents that need to be installed on each machine. This removes open, vulnerable ports on your firewall for all backup sources, which effectively eradicates all points of attack inherent with agent-based models. Finally, it’s important to note that Agio Managed Backup also includes:
AES 256-bit in-flight and at-rest data encryption
Government-approved NIST FIPS 140-2 security certification
Customer-controlled encryption key and authentication
Over the last four years, the number of cyber attacks on businesses increased by 144%, the cost of cyber crime per company has increased by 95%, and the average time to resolve incidents has increased by 221%1. Faced with the reality of this increasing threat, the SEC issued the 28-item OCIE Risk Alert in April 2014, followed by a Guidance Update a year later in April 2015. Additionally, a stream of large corporate breaches, including Target, Home Depot, eBay, JP Morgan, Sony, and others, exposed critical vulnerabilities that ignited investor and C-Suite pressure, demanding firms to act.
As a trusted and premier MSP to hedge funds at every level, we saw the need to not only leverage our expertise in cybersecurity, but also create a program specifically aligned with the SEC OCIE Risk Alert so you, and your investors could sleep at night. Agio’s SEC Cybersecurity Readiness Program is a proactive, methodical approach to cybersecurity, under the direction of a virtual CISO, which aligns with the SEC OCIE Risk Alert and drives clients toward compliance. Through Risk Assessments, Penetration Testing, Security Architecture, and more, we’ll spend 24 months getting you and your environment fit. You’ll begin seeing immediate results within the first few months, and each month that follows you’ll be put through exercises, seminars, testing, and briefings that will continue to develop fitness at a digestible level. ×
We begin by evaluating your firm’s information security program, policies, workflows, vendor relationships, security architecture, and user awareness. These functional areas are then measured against the NIST Cybersecurity Framework and the 28 areas of interest from the SEC OCIE Risk Alert. Consider the first six months of Agio’s SEC Cybersecurity Readiness Program as boot camp, where we provide you with deliverables that help you respond to investors and the SEC Risk Alert. The remaining 18 months is training and conditioning, helping your firm develop tier one cybersecurity habits. Activities include:
Security Risk Assessment -SEC/OCIE Gap Analysis
Policy Review & Development
Social Engineering Testing: Phishing, Pretexting, USB Drive Baiting, Physical Office Security, etc.
One or two internal security engineers don’t stand a chance against the thousands of advanced hackers out there dedicated to breaching your network. You need an army—no ordinary battalion will do. You need rigorously trained, hardcore, unshakeable, obsessed cybersecurity special forces. Meet Agio Security. Our team has over 20 years of security experience, including deep PCI, HIPAA, and NIST expertise. We eat security and compliance for breakfast. Additionally, our proactive relationships at the SEC ensure we have a direct line to the latest and greatest intelligence. We’ve got you covered.
CISO on Deck
Every team needs a great leader: someone who’s strategic, proactive, and can lead their troops in and out of the stickiest, most dangerous situations. With our SEC Cybersecurity Readiness Program, you not only get special forces, you get experienced, forward-thinking CISO guidance to oversee your environment’s security and compliance posture. In monthly check-ins, we sit down with you to discuss the best long-term direction for your firm and the decisions and tactical execution required to get you from A to B. With this type of ground and air support, you can rest assured you’re setting your firm up for success now and in the future.
As a trusted PCI Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for nearly a decade, our program is tailored to address PCI compliance for merchants and service providers alike. Agio PCI 360° is a holistic, programmatic approach to maintaining PCI compliance through proactive collaboration and CISO-style guidance, with a long-term view towards strengthening your security posture. Led by your assigned QSA and dedicated Project Manager, our annual program helps you make steady progress against PCI milestones throughout the year, as we collaborate with you at a sustainable pace. What’s more, PCI 360° realizes cost benefits by amortizing your PCI spend throughout the year, providing a manageable, predicable, and digestible budget.
Maintaining PCI compliance requires a month-in, month-out commitment to habitual activities that maintain compliance and fortify your cybersecurity defenses. While it’s typical to focus a high level of effort on compliance activities for a concentrated period of time, we spread those activities over the course of 12 months, so they become more manageable and less disruptive to your organization. Instead of having a steep climb to compliance every year, Agio PCI 360° manages the process for you, with a prescribed, yet digestible, level of steady effort. By fitting into your existing security and compliance framework and augmenting the expertise and specific skills your firm already possesses, we form a custom partnership that maximizes your benefit.
We know what it takes to be compliant, and we’re going to get you there. Specifically, our partnership with you includes the following activities, which can be customized to fit the size and maturity of your organization.
Policy review and development
Security risk assessment and gap analysis against best practices and the PCI Standard
Vulnerability scanning and assessments
Penetration testing, including social engineering
Incident response testing and breach management
Security awareness training
Program management, plus a web portal for PCI compliance collaboration
Ad hoc security and compliance consulting
Assistance with your SAQ or a formal RoC assessment
Every company subject to the PCI Standard needs an experienced guide to help them navigate the compliance waters, specific to their unique needs. With Agio PCI 360° you get CISO-level advice from our Primary QSA to ensure you understand the nature of your environment against the backdrop of PCI compliance. In your monthly check-ins, we sit down with you to discuss the best short term, tactical steps to take you from point A to point B, with your long-term security posture in mind. Beyond that, your QSA is also available to attend any discussions with your acquirer(s) or other third parties to assure you know what is expected of your company and why.
In addition, a committed Project Manager (PM) and our PCI Portal serve to keep you on schedule and on budget. Specifically, your PM oversees the milestones of your tailored program, reports on the status of ongoing or upcoming events and tasks, plans future work, and troubleshoots problems or issues that arise. And if you have any questions about the tracking of your overall engagement, you have full access to the same PCI Portal.
While many compliance requirements and standards are relatively new, Agio has performed IT security assessments for nearly 20 years, focused primarily on the retail and hospitality, healthcare, government, and education industries. We are qualified to perform any assessment, scan, or consulting engagement needed for PCI compliance, and, as QSAs, we are specifically authorized to conduct the formal assessment and provide a Report on Compliance (RoC).
All of our internal, full-time QSAs are all practicing IT security consultants with an average of 10 years’ experience. This is an important distinction between our expertise and that of a pure audit firm. Auditors without a technical background don’t necessarily understand the security or operational implications of the recommendations made and guidance provided, which can leave you open to non-compliance. It’s Agio’s technical background and detailed understanding of PCI compliance that offers you a robust, effective compliance partner with an understanding of the what’s, why’s, and how’s of your compliance.