Network Security Assessments
Sometimes it's hard to know where to even begin. There are too many things that all need to be taken care of, and they are all very important to the security of your network and organization. We all want to be better-equipped to defend our organization against an external or internal threat. You need a plan for that.
Our Security Assessment service dives deep into your network, looking at all aspects of security to determine and highlight potential risks. Taking a holistic approach, we build each test to take into account all aspects of your network. From the hardware and software itself, to the business process and social engineering, we dive deep into every factor that contributes to keep your clients, your employees, and yourself protected.
Business Process Review
The goal of our Security Assessment is to identify any vulnerabilities or security issues that may reside inside of an organizations network, and to highlight them for remediation. To perform a Security Assessment, we first conducted a Business Process Review with key stakeholders in the company. The purpose of this portion of the assessment is to become familiar with internal processes and to gather data that could be used during our testing. We focus on several topics during the Business Process Review including equipment handling, resource access, and procedures.
The information we gather during our Business Process Review then allows us to create a plan for the network testing. During this segment of the assessment we review and access different portions of the network including servers, firewalls, and workstations. Our focus during this section is on things such as user access, network resources, and overall security.
At the beginning of our Security Assessment, we will have a meeting with I.T. management to review the business processes of your organization. The purpose of this is to determine how day-to-day operations are handled, and to identify any possible areas of vulnerability. This Business Process Review will allow us to customize our assessment and will help us determine your exposure level.
Topics related to I.T. business processes include:
Policies and Procedures
Tech Support and Help Desk Procedures
End-User Agreements and Other Policies
Implemented Security Training
User Onboarding and Termination Procedures
Determination of Sensitive Data
Data Backup and Disaster Recovery
Sensitive Document Security and Disposal
Password Policies and Restrictions
Equipment Acquisition and On-boarding
Mobile Device Security
Process for Accessing Network Remotely
Multi-Factor Authentication Procedures
Access and Monitoring
Wireless Network Review
Breach Identification and Procedures
User Activity Tracking
Intrusion Prevention Procedures
Email Procedures and Security
Email Archiving and Legal Hold Review
Email SPAM Procedures
Patch Update Procedures
Antivirus Implementation and Monitoring
Vendor Access Determination
Vendor Access Monitoring
Compliance and Regulation
During the Business Process Review, we will also require access to individuals at the Executive, Accounting and Human Resource level. We will review items related specifically to their departments, including:
I.T. Department Turnover Procedures
Accounting Authentication Processes
Money Transfer Procedures
User Activity Tracking
Employee Turnover Procedures
Confidential Information Storage
WHY CHOOSE JSCM GROUP?
We don't use a Security Assessment to sell you more services, so we're focused on giving you a realistic and likely forecast. Using an outside source for these kinds of assessments is the best way to ensure an unbiased, straight-forward report on your security status.
On-Site or Remote
Different environments call for different needs. We can perform our test both remotely and on-site.
Looking At the Big Picture
Sometimes it’s easy to focus just on the IT side of things, but this isn’t the only part of your organization. We want to get a look at the whole business, because there could be things being overlooked in other areas that greatly affect your security.
Once we have finished our Security Assessment of your network, we will provide you with all of our findings. The information we find in our Security Assessment is considered confidential. It will not be shown to, or discussed with, anyone outside of our organization.
The information we find will be presented to you as a:
Report on All Items Found During Testing
Presentation on State-of-Security to Management and Executives
Report on Business Process Assessment and Recommendations
Remediation Listings for All Identified Weaknesses
Report on Social Engineering Vulnerabilities
Threat Scope and Compliance Discussion
If you'd like to know more, you can contact us and we'll help you in any way we can!