Kenneth Ingham Consulting, LLC

“Kenneth brings outstanding expertise to the complex subject of information security. He has the breadth and depth of skill to analyze the big picture, produce detailed reports, and make well prioritized recommendations.”—Paul Caskey, Information services director at Applied Research Associates (ARA), September 9, 2009. Kenneth Ingham Consulting has been helping customers since 1990. We can help you with:
System development
Security is necessary throughout the entire software development lifecycle, and we help in all phases. We have worked with many customers on identifying the security requirements for a system. Once these are known, we help with secure design techniques. Given a good design, the programmers need to code securely. As coding takes place, security testing occurs. Finally, the system must be securely deployed and regularly audited. We have experience in all of these phases and can help you in any or all of them.

We can help your developers avoid the CWE/SANS Top 25 security errors. If you develop web applications, remember that the security and reputation of your company is riding on the quality of your web applications (both Internet-facing and intranet). We can work with developers on avoiding the OWASP Top Ten web application security errors.

Security preaudits
If you are about to be audited for compliance (PCI, HIPPA, SOX, FERPA, etc), we can do a pre-audit to identify problems the auditors will find, giving you time to fix them before they affect your compliance certification.

System purchases
You first identify requirements for the new system. We can help you identify security requirements for the new system. Because of our practical experience, we also ensure that the requirements can be met with today's technology. You then work with vendors to see what they offer that meet your needs; we can assist you by independently verifying vendor security claims. The best system in the world is insecure unless properly deployed, so we will also help you securely deploy the new system and help you develop procedures to ensure that it continues to work securely.

Since we do not sell products, our work and recommendations are independent and unbiased. We help you get what you need instead of what the salesperson wants to sell you.

Secure system and network design
Are you designing a new network? We can work with you to ensure that your security requirements are met in the architecture.

Training, both prepared and custom
We offer instructor-led onsite, remote-instructor, and computer-based training on security and GNU/Linux systems. Because everybody working at Kenneth Ingham Consulting is also a practicing professional, the training is not just theoretical.

Network and system administration
We can help you with managing your systems and networks of systems. With our extensive background in security and system administration, we can assist with planning, implementing, deploying, and running your network. We work with servers and desktop/laptop clients. We can assist you with secure remote access solutions.

Copyright 2009 Kenneth Ingham Consulting.