Pratum Blog

Technology Association of Iowa - Iowa Technology (IT) Roadshow sponsored by Pratum

As Iowa’s leading cybersecurity experts, Pratum is excited to announce a new partnership with the Technology Association of Iowa (TAI). Pratum will serve as a sponsor of the first Iowa Technology (IT) Roadshow; promoting the importance of cybersecurity across the state of Iowa.

The goal of the IT Roadshow is to share information and promote advocacy for the technology industry. As a company with clients across Iowa, it’s important for Pratum to bring knowledge of cybersecurity to the entire state. This is part of Pratum’s continual mission to provide quality, cybersecurity resources through education and assistance.

What the Roadshow will look like:

There will be ten stops on the IT Roadshow with the hope of reaching as many people as possible. These events will be held in rural communities all over Iowa to share information with individuals looking to learn more about the technology industry. Each event will feature four panelists who specialize in different fields of technology. As leading sponsors Pratum and U.S. Cellular will be constant fixtures, speaking at every stop on the tour.

"The Technology Association of Iowa continues to connect its members and provide unique opportunities to unite Iowa's technology community. The IT Roadshow is a prime example of their commitment to finding innovative ways to provide technology education to our state, and we are excited to join them on this tour across Iowa,” said Jordan Engbers, Pratum CAO.

Topics being covered:

Each panel will be customized to fit the needs of the community attending. Some of the topics covered during the tour will include: Agriculture Technology, Tech Education, Telemedicine Services, Manufacturing Technology, and much more! (TAI will be releasing more details early in 2020 on the topics being covered in each city.)

Pratum’s involvement in the IT Roadshow will be discussing how cybersecurity impacts businesses from every corner of the state. Pratum will share information about the importance of protecting your data, and how to pinpoint the risks even small businesses face. The practices Pratum will be speaking on are the same for anyone looking to create a more robust security program, no matter the size of your organization.

“There are a lot of really cool things happening across the state of Iowa. Pratum recognizes the strength of our economy is tied to helping maintain and grow the business environment throughout the state, not just the larger metro areas. The IT Roadshow proves that TAI and our members are a statewide community that can collaborate to meet the needs of the entire state,” said Dave Nelson, Pratum Founder and CEO.

With the constant changes in technology, particularly cybersecurity, Pratum is thrilled to share expertise with anyone looking to protect their online assets.

Iowa Technology Roadshow Events:

Spring IT Roadshow Schedule

  • April 27, 2020: Burlington, Iowa (Greater Burlington Partnership)
  • April 28, 2020: Ottumwa, Iowa (Ottumwa Regional Legacy Foundation)
  • April 29, 2020: Grinnell, Iowa (Grinnell Area Chamber of Commerce)
  • April 30, 2020: Indianola, Iowa (Indianola Chamber of Commerce)
  • May 1, 2020: Council Bluffs, Iowa (Council Bluffs Area Chamber of Commerce)

Fall IT Roadshow Schedule

  • October 19, 2020: Decorah, Iowa
  • October 20, 2020: Waverly, Iowa (Waverly Chamber of Commerce)
  • October 21, 2020: Fort Dodge, Iowa (Greater Fort Dodge Growth Alliance)
  • October 22, 2020: Spencer, Iowa (Iowa Lakes Corridor Development Corporation)
  • October 23, 2020: Sioux City, Iowa (Siouxland Chamber of Commerce)

Pratum is an information security consulting and managed cybersecurity services firm. Our goal is to enable every client to securely use technology to meet business objectives.

Validating Vendors' Cybersecurity Practices

Working with vendors is necessary for many businesses, no matter the size. That often means giving sensitive data to people outside the comfort of your own company walls. While the extra help can be crucial to the growth of your organization, it can also open yourself and clients to possible risk. A mature vendor management program is paramount for the protection of your data.

So where do you start?

First, you need to identify your critical vendors (Learn how in our post “IT Vendor Management”.). You should be devoting extra attention to these vendors because they could be the highest risk to your organization.

How do you know if vendors are protecting your data?

One way to double-check the safety of your information is to look over your vendors’ third party validated reports. These reports are conducted by an outside auditor to review the security programs a vendor has in place.

Compliance reports will reveal the scope, gaps, exceptions, and complementary user entity controls.

  • Scope shows what the report covers. This is where the auditor lays out exactly what is being reviewed in the vendor’s security. This helps a business reading the report know how the results correlate with the way they will work with the vendor.
  • Gaps and exceptions are the items or practices missing from a vendor’s security program. These can be either minor or major. It may take an IT expert to determine what is worthy of concern, and what may be passable.
  • Complementary user entity controls explain what the business is responsible for in the security process. This lays out the procedures a business should have in place to protect itself when working with a vendor.

One example of a third party validated report is a SOC 2 report. While these reports can be a wealth of knowledge for a business, not all organizations will have them available. That means you need to find alternative ways to determine the security practices of your vendors. One way to do so is by asking a lot of questions!

Questionnaires can help when SOC 2 reports are missing.

Questionnaires are a way to evaluate a vendor’s security program. This will include questions about how they plan to protect your data, and what practices are already in place.

There are a few ways you can come up with a valuable questionnaire. They can be written by internal IT staff; just make sure you verify their knowledge of compliance reports. If they don’t feel comfortable creating the questionnaire, another option is outsourcing the job to a cybersecurity firm. Once the questionnaire is sent to the vendor, they should be able to fill out each question with ease. Not being able to do so could raise concerns.

Another red flag would be a vendor who has a SOC 2 report but refuses to share it with the business. Sharing SOC 2 results is a common practice and they should not be withheld from organizations working with that vendor. However, it is acceptable for vendors to request a non-disclosure agreement prior to delivering the report.

Do not settle for knowing a SOC 2 report is there.

Often business owners will ask a vendor if they have a SOC 2 report, but they never actually review the results. Simply having a SOC 2 report done does not mean the vendor is secure. Assess and analyze the results. Then determine if that vendor is going to protect your company’s sensitive data. Your data is one of your most precious assets. Don’t leave it to chance in the hands of unsecure vendors.

If you receive compliance reports, but still have no idea what they mean, there are cybersecurity experts ready to help!

Pratum Acquires Seneca Security - Digital Forensics Firm

Iowa Based Cybersecurity Firm Expands into Minnesota and Wisconsin Through Strategic Acquisition of Seneca Security

[Ankeny, IA, October 22, 2019] Pratum, Iowa-based cybersecurity firm, today announced the acquisition of Seneca Security, a Twin Cities area-based digital forensics firm. Seneca provides forensics expertise to guide clients in internal corporate investigations, criminal and civil litigation, and data breach response.

The acquisition enhances Pratum’s ability to deliver comprehensive security services by increasing forensics capacity and incident response expertise. As clients continue to search for providers that offer a full suite of cybersecurity services, Pratum is evolving its services to remain ahead of demand. The leadership, business model, and geographic location of Seneca Security make it a great fit for Pratum.

“With the acquisition of Seneca Security, we were able to expand our digital forensics practice while simultaneously gaining a foothold in a new market. This is a win for both companies and positions Pratum to continue our strong pattern of growth,” commented Dave Nelson, Founder and CEO at Pratum.

The addition of Seneca immediately establishes Pratum as a contender in the Twin Cities market. Pratum now has employees and offices extending from the northern Midwest down to Southeast Texas.

We are thrilled to be part of the Pratum family. By joining forces, I can remain focused on digital forensics services while contributing to a team that delivers all-inclusive security services.”

Lucas Woodland, Founder and CEO at Seneca Security

Pratum's acquisition of Seneca Security was completed on October 4, 2019, and the parties are executing a seamless transition plan for current customers of Seneca Security.

Contact Pratum
Get our blog posts delivered to your inbox:

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.