Performing regular Vulnerability Assessments of your key IT assets such as your firewalls, your website and your internal networks is a low-cost way of gaining valuable insight into state of your data security, so you can take appropriate action before vulnerabilities get exploited. Your IT estate is scanned regularly for patch levels, configuration mistakes and the latest known vulnerabilities to your systems.
Vulnerability Assessments are different from Penetration Tests, as the estate is scanned regularly, not just on a one-time basis. We can do this in multiple ways but the most popular is an agent which gets installed and feeds back information.
If you are not looking for a regular assessment of your vulnerabilities, a one-off IT & Cyber Security Audit may suit you better…
IT & Cyber Security Audit
Our IT & Cyber Security Audit provides you with a robust overview of your current IT environment from a practical and security perspective.
Why book an Audit?
The purpose of the IT & Cyber Security Audit is to identify and highlight key areas where changes are needed to improve business efficiency, the security posture of your IT network and protect sensitive data from an internal and external perspective. It gives you a strategic view of how to harness technology with a roadmap for the future.
What does it involve?
Below is an outline of all the areas our IT & Cyber Security experts will investigate as part of the checks of your IT infrastructure. You can also download this information here. After performing these investigations, a report of their findings will be created detailing issues found. The report will also offer remediation advice to be followed internally or outsourced.
What is reviewed in an IT Infrastructure Audit?
A review of your internal network infrastructure and how it connects to the outside world.
A review of your wireless connections, looking at signal strength, reliability and speed.
A review of all your applications to make sure they are fit for purpose and working and interacting as intended.
A review of your email platform. Whether this is hosted or on-premises, we will check to see if the platform is doing what it should be.
A review of your backups to identify if all key systems are backed up and can be restored if required.
A review of any physical servers you may have. The review will focus on age, operating system, warranty and provide any recommendations.
A review of any virtualised servers to ensure they are resourced correctly and doing their intended purpose.
A review of remote access to highlight how users access your network when they aren't in the office.
A review of how storage is being utilised in your business. Identifying how it is being used and if it is being optimised.
A review of your power storage capability, so in the case of a power-cut you will know what will stay powered and how long they will stay on for.
A review of your domain names to confirm where they are hosted and make sure you have all the information required to manage them.
A review of all endpoint devices (laptops, desktops etc.). This will take into account age, operating systems and if the devices are still fit for purpose.
What is reviewed in a Cyber Security Audit?
A review of your internal network infrastructure to make sure it is secure from threats.
A review of your patching to make sure all devices are updated. This review will also investigate how these patches are being managed for deployment.
A review of your password policies to ensure they are suitable and being enforced.
A review of your Active Directory (or Azure Active Directory) to ensure that the correct policies are in place and standards are followed.
A review of your file security and Information Rights Management to highlight if your date is secure.
A review of your application security to make sure that they are only being accessed by the users who should have access.
A review of your email filtering to ensure it is fit for purpose and stopping any spam or phishing attempts from coming through.
A review of your Web Content Filtering to ensure it is working as expected and any unauthorised websites are not being accessed.
A review of your security and processes to see if there are any week points when it comes to your IT security.
A review of your physical security to ensure that areas can only be accessed by authorised people and systems are secured.
Take the first steps to improve business efficiency & securing your network. Complete the form below and one of our team will be in touch.