Network Security Audit & Review
Our audit methods can be outlined as follows:

Discovery: Using a combination of commercially available network tools and our own knowledge, we map your network and identify every physical and software element of your IT infrastructure. The discovery phase includes a review of router, switch and firewall configurations, passwords, and SNMP community strings (where the default setting of "public" is still an easy way for unauthorised people to gather information about a device). We investigate third-party connections, firewalls, modems, routers and dial-in / dial-out facilities. The results also form the basis for the subsequent penetration tests and vulnerability scans.

Network Penetration Testing: We perform penetration testing from within your network against internal and external resources. We start without a legitimate logon, then repeat the tests first as a standard user and then as a user with administrative privileges, establishing what information each level of access can reach. In every case we use the information gained during network discovery.

Workstation Testing: We review your standard workstation configuration (operating system, email client, web browser, antivirus configuration and policies) and the policies in your organisation that govern workstation configuration, and we help you to write one if you do not yet have one. Industry good practice is that non-privileged users should not have administrative rights on their desktops, nor software or functionality that is not directly related to their job. A good security policy should reflect this, and we will help you achieve it as part of this service.

Network Security Audit and Review: Who, or what, in your organisation will let you down? Your £15,000 firewall? Your £5,000 server? Or your £5 / hour IT temp who has not yet received basic training on your security policy and best practice, but has been given access to a server and is in charge of resetting passwords for users who lock themselves out? Using professional analysis tools and interviews with members of your organisation, we analyse the security profile of your network. As part of this service we find and report redundant accounts, easy-to-guess user and administrator passwords, excessive file permissions and over-privileged guest accounts. We also review the security configuration of a number of servers, including but not limited to password policies, permissions, administrative and service accounts, logs, patch levels and exposure to published vulnerabilities. The results are delivered as a report with recommended modifications, improvements and fixes.

DMZ Server Security Audit: We perform a thorough on-site security audit of the servers in your DMZ. We review their security configuration, including but not limited to file systems, Active Directory configuration, permissions and audit logs, and we review your change control mechanism (if you have one) and help you create or improve one if needed. We recommend modifications and improvements and perform penetration testing against these servers from within the DMZ and from your internal network. The findings may lead to configuration changes to your DMZ firewall to harden it further.

Social Engineering & Physical Security: Are your staff vigilant? Our physical security and social engineering review uses a number of techniques, including site visits and audits, and emails and telephone calls to your staff. We create an opportunity for social engineering and, using the information gained, attempt unauthorised physical and remote access to your premises and equipment. We provide a detailed report afterwards highlighting any general security concerns and recommending improvements.
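The Discovery phase above mentions reviewing router, switch and firewall configurations for default SNMP community strings such as "public" and for weak passwords. The script below is an added example of what such an offline configuration review looks like; it is not the firm's own tooling. It walks an IOS-style running-config and flags default or short community strings, read-write communities with no source ACL, SNMPv1/v2c with no SNMPv3 group, cleartext or reversibly stored passwords, and Telnet on the management lines. Both configurations are constructed samples, not captures from a real device, and the 12-character minimum for community strings is our own baseline rather than a vendor requirement.

```python
"""Offline review of an IOS-style config for the weaknesses the Discovery phase looks for.
Added example; WEAK_CONFIG and HARDENED_CONFIG are constructed, not real captures."""
import re
from dataclasses import dataclass

# Vendor defaults and wordlist regulars. "public" is the one the text calls out.
DEFAULT_COMMUNITIES = {"public", "private", "community", "cisco", "admin", "manager", "snmp"}
MIN_COMMUNITY_LEN = 12  # assumption: our audit baseline, not a vendor requirement


@dataclass(frozen=True)
class Finding:
    severity: str  # CRITICAL, HIGH, MEDIUM or LOW
    line_no: int   # 0 for whole-config findings
    message: str


def audit_config(config: str) -> list[Finding]:
    """Single pass over the config text; needs no access to the device."""
    lines = config.splitlines()
    findings: list[Finding] = []
    pw_encryption = any(l.strip() == "service password-encryption" for l in lines)
    has_snmpv3 = any(re.match(r"\s*snmp-server group \S+ v3\b", l) for l in lines)
    saw_community, section = False, ""  # section = top-level command owning indented lines

    for n, raw in enumerate(lines, 1):
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw.startswith(" "):
            section = line

        # snmp-server community <string> [view <name>] [RO|RW] [ipv6 <nacl>] [<acl>]
        m = re.match(r"snmp-server community (\S+)(.*)$", line, re.I)
        if m:
            saw_community = True
            community, tokens = m.group(1), m.group(2).split()
            mode, acl, i = "RO", None, 0
            while i < len(tokens):
                t = tokens[i]
                if t.lower() == "view" and i + 1 < len(tokens):
                    i += 2                      # skip "view <name>"
                    continue
                if t.lower() == "ipv6" and i + 1 < len(tokens):
                    acl, i = tokens[i + 1], i + 2  # "ipv6 <nacl>" counts as an ACL
                    continue
                if t.upper() in ("RO", "RW"):
                    mode = t.upper()
                else:
                    acl = t                     # bare trailing token is the standard ACL
                i += 1
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append(Finding("CRITICAL" if mode == "RW" else "HIGH", n,
                                        f"default/guessable SNMP community {community!r} ({mode})"))
            elif len(community) < MIN_COMMUNITY_LEN:
                findings.append(Finding("MEDIUM", n, f"short SNMP community {community!r}"))
            if acl is None:
                findings.append(Finding("HIGH" if mode == "RW" else "LOW", n,
                                        f"{mode} community {community!r} has no source ACL"))
            continue

        if re.match(r"enable password\b", line):
            findings.append(Finding("HIGH", n, "enable password is recoverable; use 'enable secret'"))
            continue

        m = re.match(r"username (\S+) (password|secret)(?: (\d))? \S+$", line)
        if m and m.group(2) == "password":
            kind = "type 7 (reversible)" if (m.group(3) == "7" or pw_encryption) else "plaintext"
            findings.append(Finding("HIGH", n, f"user {m.group(1)!r} password stored {kind}"))
            continue

        if section.startswith("line "):
            m = re.match(r"password(?: (\d))? \S+$", line)
            if m:
                kind = "type 7 (reversible)" if (m.group(1) == "7" or pw_encryption) else "plaintext"
                findings.append(Finding("HIGH", n, f"{section}: line password stored {kind}"))
            m = re.match(r"transport input (.+)$", line)
            if m and {"telnet", "all"} & set(m.group(1).lower().split()):
                findings.append(Finding("MEDIUM", n, f"{section}: Telnet management allowed"))

    if saw_community and not has_snmpv3:
        findings.append(Finding("LOW", 0, "SNMPv1/v2c only; community strings travel in cleartext"))
    return findings


WEAK_CONFIG = """\
! constructed sample, not a capture from a real device
hostname edge-rtr-01
enable password cisco123
username temp password 0 Welcome1
snmp-server community public RO
snmp-server community private RW
snmp-server community N3tM0n-R0-7kQz9 RO 10
line vty 0 4
 password letmein
 transport input telnet ssh
end
"""

HARDENED_CONFIG = """\
! constructed counterpart: SNMPv3 only, hashed secrets, SSH-only management
hostname edge-rtr-01
enable secret 9 $9$constructed.hash.placeholder
username netops secret 9 $9$constructed.hash.placeholder
snmp-server group NETMON v3 priv
line vty 0 4
 transport input ssh
end
"""

if __name__ == "__main__":
    for f in audit_config(WEAK_CONFIG):
        print(f"{f.severity:8} line {f.line_no:>2}: {f.message}")
    print("hardened config findings:", len(audit_config(HARDENED_CONFIG)))
```

Running it lists nine findings for the weak sample and none for the hardened one; the long read-only community with an ACL on line 7 of the weak sample passes, which is the point of the length and ACL checks. On a real engagement the same logic runs over configs exported from each device rather than over embedded strings.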