Procyon Security Group

Your Trusted Partners for Information Security

BC Government Facilities Management STRAs (March 2019 – August 2020)

Procyon participated in due diligence activities in support of the IT security assessment on a Proponent's submission regarding the information management systems proposed for the management of the BC Government's real property. Subsequently, a Procyon team of security analysts developed a detailed security threat risk assessment (STRA) on the final solution, which is comprised of 15 best-of-breed applications hosted in 8 different data centres (SaaS, PaaS, and service provider co-location facilities). Procyon has been retained to assist with implementing STRA recommendations and assessing further enhancements.

Yukon eHealth STRAs (December 2015 – January 2017)

Procyon developed several Canada Health Infoway deliverables, including a privacy and security architecture document and security threat and risk assessments for the deployment of Yukon eHealth. This deployment included a new client registry, a new drug information system, and extended lab information system connectivity.

eHealth Technical Integration and Enterprise Security (March 2011 - March 2015)

Procyon acted as the enterprise security lead for the BC Yukon Public Health Implementation Project (BCY-PHIP, aka Panorama), with lead responsibility for enterprise security, user management and federated authentication solutions. Conducted security threat risk assessments on several different Panorama environments (data migration, staging, and clinical deployment) and provided advice and guidance on network security requirements.

BC Provincial Lab Information System (September 2006 – June 2010)

Procyon staff were members of the Interoperable Electronic Health Record and Provincial Lab Information System project (iEHR-PLIS) Technical Architecture team. For this project, Procyon had lead responsibility for enterprise security, identity and access management, communication security and user authentication services.

Security Architecture and Testing (2005 - present)

Security architecture design, threat modeling and security testing of web applications; security assessments, penetration tests and incident response (Top Producer Systems, Move Inc., Alberta Health Services, etc.)

eHealth Security Conformance and STRA (2010 - 2012)

Security conformance gap analysis against BC eHealth Security Conformance Standard and Security Threat Risk Assessment for deployment of various BC eHealth applications at Provincial Health Services Authority (PHSA) and Northern Health Authority (NHA).

Application and Network Vulnerability Scanning and Penetration Testing (2012 – present)

Completed scanning and testing for provincial regulatory bodies. This work included internal and external scans of the network (including wireless networks) and their custom-built web-based applications.

CobiT Based Network Security Audit (2011)

Completed a risk-based ISO/IEC 27002 network security audit for BC Lottery Corporation (BCLC) including assessment of key security controls associated for a newly implemented network infrastructure in support of a new a province-wide Gaming Management System.