IT systems form the basis for the business processes of modern enterprises. It doesn’t matter whether this is the Internet website, communication and data protection of sensitive data via the Internet, file and database services, electronic workflow systems or e-Commerce and Online-Trade systems, the dependency of an enterprise on its IT infrastructure has increased considerably. Hence, any compromises made in IT systems can also mean for your enterprise a noticeable loss of reputation, expensive loss of production or even a risk to your livelihood. For this reason, no enterprise cannot afford to neglect IT security any longer. This is precisely the reason why external and internal security audits should be implemented regularly.
The aim of the IsarNet Security Audit package is to optimise the security standard of your enterprise according to generally recognised industrial standards. For this purpose, we work in cooperation with you to find out the current level of IT security in your enterprise, determine weak points, implement risk estimates and finally work out concrete measures to eliminate deficiencies and to increase the IT security of your enterprise.
Scope of services of the Security Audit Package:
- Implementation of the audit by an experienced engineer with CCIE-certification and specialised skills in host and network security
- Formulation of the special objectives and main points of emphasis of the Security Audit as well as the specification of all agreements in a detailed audit concept prior to the audit.
- Review of your security policies, or if no policies exist, support with the formulation of your Security Policies
- Review of defined security-relevant work processes both in theory and practice in dialog with your employees.
- Review of your network-design according to security aspects
- External and internal safety check of your network components (port and vulnerability scans including configuration checks)
- Review of your firewall and VPN designs, as well as firewall audit of all current firewall products (CP Firewall-1, Cisco PIX, Gauntlet, Sidewinder, etc.)
- External and internal audit of selected Windows and Unix clients and hosts at operating system level
- Optional penetration tests, including War-Dialing and War-Driving (WLAN Security)
- Testing of your infrastructure for the “Latest Known Vulnerabilities” according to vulnerability databases (CERT, BugTraq, CIAC)
- Discussion of all results already during the audit on site with the audit and system managers
- Drafting of a detailed audit report with a measures catalogue for eliminating faults
- Final presentation of the results to the Audit Team and Management
The service package described roughly here can be customized to be in line with your requirements and expectations and in accordance with the conditions of your company, of course. We guarantee an absolutely sound and discreet implementation of the audit. It goes without saying that all results of the audit are treated in absolute confidence.
Are you interested?
A detailed and specific analysis of the requirements can only be made in dialog with you, of course. Please do not hesitate to contact us. We would be delighted to prepare and make you an individual offer.