NO ONE WANTS TO GET THE 2AM CALL
You know the one. It goes something like:
…we’ve been hacked ….records leaked …personal information exposed …how could this have happened …may prove financially devastating to the organization… Taking a few simple steps could not only help ensure both your network and your budget are secure – it could also keep you from getting the 2am call.
IT SECURITY FUNDAMENTALS: TECHNICAL SECURITY ASSESSMENTS
Did you know for little to no investment you could quickly reduce the possibility of a security breach? These steps can help you get started:
Step 1: Know what types of services are available.
In order to choose the best security service for your needs, you should understand the types of assessments that are available. Listed below are three common assessments and a brief description of each. An ICS consultant can help you determine which is most appropriate for your organization.
Step 2: Consider your testing options.
When considering a Vulnerability Assessment, Penetration Test or Web Application Assessment, you will also need to determine whether to conduct internal testing, external testing, or a combination of both.
Step 3: Determine testing type and frequency.
Think about what an acceptable level of risk may be, and what areas you want to ensure are safeguarded. ICS recommends performing vulnerability assessments quarterly, penetration tests bi-annually, and web application assessments at least annually or as new applications are added.
Interested in learning more? Click here to download the full whitepaper.
VULNERABILITY ASSESSMENT
A vulnerability assessment is an unobtrusive way to identify risks present within your system. These risks may stem from unpatched or obsolete software, poorly configured systems, and/or inadequate security protocols. ICS will identify areas that are potentially exploitable by authorized users or attackers, and guide you through the steps needed to secure those weak areas.
Recommended frequency: Quarterly | Learn more
PENETRATION TESTING
A penetration test (or pen test) takes the vulnerability assessment one step further, and is an invaluable component of a comprehensive technical security assessment. During a penetration test, an ICS certified ethical hacker will perform an actual attack on the points of weakness identified in the vulnerability assessment. If the attack is successful, ICS will then assess the impact an actual breach could have on your organization. The pen test will give you a clear understanding of how the weaknesses identified in the vulnerability assessment can undermine your business.
Recommended frequency: Bi-annually | Learn more
WEB APPLICATION ASSESSMENT
Virtually all businesses today employ web-based applications for sales, marketing, accounting, and other standard business functions. While these applications have many benefits, including online accessibility and enhanced team collaboration, they may also expose your sensitive data to unauthorized access. A Web Application Assessment will uncover vulnerabilities that exist in web-based applications and provide strategies to maximize your system security.
Recommended frequency: At least annually, or as new applications are added | Learn more
