Principle Logic - Home of information security expert Kevin Beaver

Whether your organization is a Fortune 1000 corporation, a non-profit, an independent software vendor, a small or medium-sized business, a university, or a government agency, I have performed security work at all levels and can help you with your needs. I'm committed to being your information security expert who provides a human touch, is easy to reach, and is enjoyable to do business with before, during, and after the sale.

My Background
I am an independent information security consultant, author, keynote speaker, and expert witness with nearly two decades of experience in IT -- the last 13 years of which I've dedicated to information security. Before starting Principle Logic in 2001, I served in various information technology and security roles for several healthcare, e-commerce, financial firms, educational institutions, and consulting organizations.

I have presented at seminars and conferences over 100 times and I'm consistently a top-rated speaker on information security at shows for RSA, CSI, and IIA. I've also recently keynoted shows for Hewlett-Packard and IDC. I am author/co-author of seven books on information security including the highly-successful ethical hacking book Hacking For Dummies, Hacking Wireless Networks For Dummies, Securing the Mobile Enterprise For Dummies, and Laptop Encryption For Dummies (all by Wiley ) as well as The Definitive Guide to Email Management and Security (Realtimepublishers.com) and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). In addition, I am a contributing author and editor of the book Healthcare Information Systems, 2nd edition by Auerbach Publications, technical editor of the book Network Security For Dummies by Wiley Publishing, and technical editor for over a dozen books and whitepapers for Realtimepublishers.com.

In addition to my books, I am the creator and author of Security On Wheels audio programs providing security learning for IT professionals on the go. I have an associated blog at securityonwheels.blogspot.com. I am also a regular contributor of information security content for SearchWindowsSecurity.com, SearchSoftwareQuality.com, SearchSQLServer.com, SecurityInfoWatch.com and Security Technology and Design (ST&D) magazine.

I am the founder and past president of the Technology Association of Georgia’s Information Security Society and serve as an IT advisory board member for two Atlanta-based colleges. I earned my bachelor’s degree in Computer Engineering Technology from Southern Polytechnic State University and my master’s degree in Management of Technology from Georgia Tech. I also hold the Certified Information Systems Security Professional (CISSP) certification which I obtained in 2001.
___________________________________________________________________

What My Clients Are Saying About Me

The following are testimonials from a sampling of my Fortune 500, Internet startup, government, and non-profit clients:

“We are a small business and until an independent Web security review was required by a major prospect we hadn't considered contracting with a third party for this type of project. Kevin's ability to quickly understand our needs, meet our stringent project timeline, effectively communicate the results and provide guidance during the implementation of the needed changes in our application were invaluable. We were pleased with Kevin's value proposition and excellent service and will be utilizing his firm to complete regularly scheduled scans going forward. We would certainly recommend Principle Logic's Web security assessments to other companies with similar needs.”

"Reliable, Realistic, Reassuring. At the recommendation of our auditors, we contracted with Principle Logic to assess our network security. Obviously, we believed we had taken the necessary steps to ensure that our network was secure from potential threats (from inside and outside the organization) and such a review would be a perfunctory confirmation of such. To the contrary, through Kevin's methodical and thorough testing, we gained incredible insight about our network as well as our policies and our procedures. Kevin took the time to not only evaluate our hardware and software using some very sophisticated tools, but also to learn about our organization-how it operates, our core values and our operational strengths and weaknesses. Consequently, we received recommendations which were realistic and relevant to our situation. I should be able to receive continuing education credit for my time with Kevin during the review. Not only did I learn about the strengths and weaknesses of our network but I also learned about trends in the industry and how some of the biggest breaches in security have occurred in cases where management "thought" adequate controls were in place. As we are now addressing our vulnerabilities, I have much greater confidence in the security of our network. And, since the "bad guys" continue to exploit, we are now planning to have Kevin conduct routine reviews in the future."

"We are a small business and until an independent Web security review was required by a major prospect we hadn't considered contracting with a third party for this type of project. Kevin's ability to quickly understand our needs, meet our stringent project timeline, effectively communicate the results and provide guidance during the implementation of the needed changes in our application were invaluable. We were pleased with Kevin's value proposition and excellent service and will be utilizing his firm to complete regularly scheduled scans going forward. We would certainly recommend Principle Logic's Web security assessments to other companies with similar needs."

“As a provider of software that processes and stores sensitive information protected by various privacy and security regulations, we needed to hire an independent expert to analyze our application to uncover software flaws and security vulnerabilities. After interviewing companies to use for this assessment, we settled on Kevin Beaver based on his experience, knowledge, and understanding of both the technical and the business end of Internet business operations. Kevin’s tests and report were informative and detailed, yet easy to understand. He also provided a follow-up validation assessment that we can share with our customers showing that any issues discovered were fixed. We also benefited from Kevin's large network of IT professionals that were a great knowledge base when reconciling potential vulnerabilities. Kevin will be our choice for performing application security assessments in the future.”

"I was extremely impressed by Kevin Beaver's capability and knowledge in performing a security assessment of our e-commerce system. He performed a variety of tests and discovered vulnerabilities that we were unaware of. The report he provided me was a very thorough document that stepped through all verified and potential vulnerabilities and detailed where we were secure, and where we were not. What's more, he took the time to explain in plain English what the problems meant, and how we should prioritize our efforts to fix the issues he discovered. I do plan to involve Kevin on future projects because he has proven himself to be a reliable and thorough security expert."

"When our audit and IT teams first interviewed Kevin in regards to conducting our bank's annual network assessment, each of us immediately knew that he was a fit for our environment. Not only does he understand what is necessary for a strong and secure environment, he is ready and able to recommend workable solutions. We were very happy that we worked directly with Kevin through out the entire process."

“A very competitive automotive manufacturing and engineering environment coupled with the ever increasing complexity and severity of security threats gave us great concern. Unfortunately we had no idea where to turn for a non-biased assessment; we had several of the big network/security vendors review our network but they always had a sales pitch on how to fix the problem; in fact they missed most of what Kevin found. Kevin provided us a non-biased assessment and saved us thousands of dollars in the process. We were provided a clear concise report which included an executive overview, a technical how-to repair section, and he even included information about what we can do to train ourselves for the future. We will definitely be calling upon Kevin’s services in the future as we continue to grow."

"Among the things we most appreciated about working with Kevin was his practical, down-to-earth approach. Kevin was able to provide practical recommendations for each issue identified. We appreciated Kevin's thorough follow-up via his well-written report and willingness to answer questions on an ongoing basis."

"Our financial services company had a need for Web server penetration testing and help preparing for a security audit from a prospective client. Kevin came highly recommended so we contracted him to help us. We had to examine many levels of security including server configuration, firewalls, routers, policies, procedures, business continuity, and legal. He was very thorough and knowledgeable in the audit areas and with regard to the various security tests he performed. None of my numerous questions went unanswered. I would recommend Kevin and Principle Logic to anyone who is concerned about protecting their network."

"Kevin's security audit was an excellent way to check my work. He caught many things that I missed. Things that could have been major problems.While working with Kevin, his knowledge of security and computer systems in general impressed me a great deal, but more impressive was his ability to quickly adapt to my system and learn new tricks. He was able to change his entire system to connect to mine. Hackers would have done the same thing. No software tool could have done it - an audit needs to be performed by a person as skilled as Kevin. I learned a great deal about our network from Kevin's audit. He found some major flaws in our 'armor' that I didn't know how to fix. Kevin knew how to fix them, he worked with me personally and gave me a lot of new insight about how to prevent problems in the future. I was very skeptical of having a security audit done. I thought it was a waste of money because I thought our network was secure. When Kevin finished the audit, my eyes were opened and I now realize what a great asset it is."

"Kevin has performed several security consulting engagements for us and has always delivered high quality, timely results. He is extremely knowledgeable in the area of security and has provided a great deal of insight and professionalism to our organization."

"While his technical expertise is quite thorough, I believe his biggest asset to our company is the ability to translate that expertise into practical, real world applications."

"When our company wanted to formalize and update our security, we interviewed several national firms. None of these firms offered the right combination of services, customization, and price to meet our needs. When doing research, we stumbled upon an article written by Kevin which provided accurate, down to earth advice for dealing with the issue at hand. We soon contracted with Kevin to provide our security auditing and documentation. Kevin has the rare combination of talent, experience, and flexibility which provided us with a pain-free implementation of security practices."

Contact me for a proposal and I'll share with you who wrote these testimonials.