Assessing your network security has never been more important. Unfortunately, too many security firms simply don’t find the root causes of security vulnerabilities, nor fix them once they’re found. Their tactical recommendations make it impossible for organizations to get off the “find, fix, find, fix” treadmill, and on the road to sustainable risk reduction.
At ITeck Solutions LLC, our experts identify and help you remove critical vulnerabilities. But more importantly, we help you with the strategic information you need to attack vulnerabilities at their sources. We provide a complete vulnerability assessment and penetration-testing services to address a range of requirements and budgets. Our Security Audit process includes:
Vulnerability Assessment ◇ Penetration Testing ◇ Physical Environment Assessment
Security Policy Drafting & Review ◇ Security Awareness Assessment ◇ Discussion & Mitigation
Vulnerability Assessment
Vulnerability Assessment is the process where ITeck will unobtrusively examine your network for known, potential risks such as weaknesses in operating systems, software applications and hardware implementations, as well as patch updates and openings in your firewall that might allow for attacks. ITeck will scan for these vulnerabilities and put together a comprehensive report assessing the risk level and criticality.
Penetration Testing
Knowing what vulnerabilities exist is not enough when it comes to a thorough examination of your network. Once we have a list of potential weaknesses, we need to discover if, how and to what degree they might be exploited. This gives us the knowledge we need to implement the proper solution to protect you. Should we just close a port on the firewall, install a patch, or upgrade the entire application? Penetration testing will tell us so we can recommend the most effective and cost effective fix for you.
Physical Environment Assessment
You may have the best firewall and intrusion prevention system money can buy, but this won’t help if an average person is able to walk up to your server and plug in a USB drive. Or add a keystroke capture device between HR’s keyboard and computer. Part of ITeck’s comprehensive security audit process is to perform an assessment of your physical environment including ability to walk in unchallenged and access to high risk systems such as ability to lay hands on your server.
Security Policy Drafting & Review
Policy builds the foundation for good security. It is policy that develops the framework for how people securely interact with your network, from establishing strong passwords, to what can and cannot be installed on a users’ workstation, to what web sites are permissible to cut down risk of infection. Many companies don’t even have the basis of a security policy. ITeck can help create this for you based on our vast experience with other industries related to yours or we can review your existing policies to help fill in the gaps and strengthen them to meet today new security vulnerabilities.
Security Awareness Assessment
Security starts with knowledge. Your staff are the first lines of defense against opportunistic such as Phishing, Viruses and Malware. But how is the average user to know what is a suspicious email versus a legitimate request for information? How do they know if that’s a real update or a Trojan knocking at the door? Security awareness teaches the vigilance and best practices every user should know to help cut down the ever increasing security risks appearing daily. And some compliance requirements require such training on a periodic basis. Iteck’s CISSP certified consultants and provide this training customized to your time and needs. We can also test your staff with simulated Phishing emails that grade user’s and provide informative anti-phishing videos to remind them of the risks should they fall susceptible to our testing.
Discussion & Mitigation
Once our thorough exam is complete, ITeck won’t leave you with a thick report and nowhere to go. Our trained and certified consultants will sit down with you to have a comprehensive, real world discussion explaining the risks, their severity, and what mitigations you can implement that properly fit your risk level needs and budgets. You don’t want a firm that’s going toss you a report and say “have at it”, nor do you want one that will try to sell you a 10-feet-tall wall and 20-feet-deep moat when a better door lock will do the job. Iteck will guide you through the process in a way you understand and best fits your needs.
Interested in finding out more about our CMMC Security Preparedness program? Find out more here.