Charlotte, NC Network Security Assessments
Network Security Assessment
 
 

Network Security Assessments

Sometimes it's hard to know where to even begin. There are too many things that all need to be taken care of, and they are all very important to the security of your network and organization. We all want to be better-equipped to defend our organization against an external or internal threat. You need a plan for that. 

Our Security Assessment service dives deep into your network, looking at all aspects of security to determine and highlight potential risks. Taking a holistic approach, we build each test to take into account all aspects of your network. From the hardware and software itself, to the business process and social engineering, we dive deep into every factor that contributes to keep your clients, your employees, and yourself protected.

 
 
 
JSCM Group Business Process Review
 
 
 

Business Process Review

The goal of our Security Assessment is to identify any vulnerabilities or security issues that may reside inside of an organizations network, and to highlight them for remediation.  To perform a Security Assessment, we first conducted a Business Process Review with key stakeholders in the company.  The purpose of this portion of the assessment is to become familiar with internal processes and to gather data that could be used during our testing.  We focus on several topics during the Business Process Review including equipment handling, resource access, and procedures.

The information we gather during our Business Process Review then allows us to create a plan for the network testing.  During this segment of the assessment we review and access different portions of the network including servers, firewalls, and workstations.  Our focus during this section is on things such as user access, network resources, and overall security.

At the beginning of our Security Assessment, we will have a meeting with I.T. management to review the business processes of your organization.  The purpose of this is to determine how day-to-day operations are handled, and to identify any possible areas of vulnerability.  This Business Process Review will allow us to customize our assessment and will help us determine your exposure level. 



Topics related to I.T. business processes include:

 
 

Policies and Procedures

  • Tech Support and Help Desk Procedures

  • End-User Agreements and Other Policies

  • Implemented Security Training

  • User Onboarding and Termination Procedures


Data Handling

  • Determination of Sensitive Data

  • Data Backup and Disaster Recovery

  • Sensitive Document Security and Disposal

  • Password Policies and Restrictions


Equipment Handling

  • Equipment Acquisition and On-boarding

  • Equipment Disposal

  • Equipment Inventory

  • Mobile Device Security


User Access

  • Process for Accessing Network Remotely

  • Multi-Factor Authentication Procedures

Access and Monitoring

  • Wireless Network Review

  • Breach Identification and Procedures

  • User Activity Tracking

  • Intrusion Prevention Procedures


Email Procedures and Security

  • Email Hosting

  • Email Archiving and Legal Hold Review

  • Email SPAM Procedures


Applications

  • Patch Update Procedures

  • Antivirus Implementation and Monitoring


Vendors

  • Vendor Access Determination

  • Vendor Access Monitoring


Compliance and Regulation

  • Regulation Requirements

  • Compliance Requirements

  • Assessment Requirement


 
 

During the Business Process Review, we will also require access to individuals at the Executive, Accounting and Human Resource level.  We will review items related specifically to their departments, including:

 
 

Executive

  • I.T. Department Turnover Procedures

  • Technology Documentation

  • Breach Notification

Accounting

  • Accounting Authentication Processes

  • Check/Payment Storage

  • Money Transfer Procedures

Human Resource

  • User Activity Tracking

  • Employee Turnover Procedures

  • Confidential Information Storage

 

WHY CHOOSE JSCM GROUP?

 
Non-Bias Results

Non-Biased Results
We don't use a Security Assessment to sell you more services, so we're focused on giving you a realistic and likely forecast.  Using an outside source for these kinds of assessments is the best way to ensure an unbiased, straight-forward report on your security status.

 
On-Site or Remote

On-Site or Remote
Different environments call for different needs. We can perform our test both remotely and on-site.

 
Looking at the Big Picture

Looking At the Big Picture
Sometimes it’s easy to focus just on the IT side of things, but this isn’t the only part of your organization. We want to get a look at the whole business, because there could be things being overlooked in other areas that greatly affect your security.


 
Security Assessment Deliverables image
 
 

DELIVERABLES

Once we have finished our Security Assessment of your network, we will provide you with all of our findings. The information we find in our Security Assessment is considered confidential. It will not be shown to, or discussed with, anyone outside of our organization.

The information we find will be presented to you as a: 

  • Report on All Items Found During Testing

  • Presentation on State-of-Security to Management and Executives

  • Report on Business Process Assessment and Recommendations

  • Remediation Listings for All Identified Weaknesses

  • Report on Social Engineering Vulnerabilities

  • Threat Scope and Compliance Discussion

 


LEARN MORE

If you'd like to know more, you can contact us and we'll help you in any way we can!