Regardless of the chosen platform, the location of company data in relation to end-users, or any other factor deemed critical in today's ever-changing IT world, the one issue truly on the mind of everyone that works with or relies upon technology is security. Can users access the data that they need without exposing the organization to risk? Are all regulatory compliance goals being met? Is data sufficiently protected from known attack vectors and zero-day attacks? The challenges in IT Security are myriad and complex.
CIS routinely provides detailed Security Audit Services for clients of all sizes. The process of performing a Security Audit typically includes, but is not limited to, the following services:
· Policy & Procedure Review
· Network Topology Review
· Internal & External Compliance Review
· Penetration Testing
· Social Engineering & Internal/External Access Review
· Review of Advanced Persistent Threats and Targeting to Critical Data
· Spear Phishing & Phising Tests
· Heat Mapping of Wireless
· Best Practice Configuration Review
· Red Team Assessments
· End User Security Training and Seminars
CIS' approach to penetration testing is to utilize both known and unknown attack vectors, to perfectly simulate a true "black hat" attack on the network. CIS creates and modifies proprietary scripts to assess the degree to which a network is protected against emergent and zero-day attacks.
Following a Security Audit CIS provides an industry-leading deliverable report. The report details all findings in a comprehensive report that is written for both technical and non-technical stakeholders alike. CIS strives to provide the highest caliber report possible, highlighting not only findings but also detailing why something is critical to the specific organization, as well as recommendations on how to remediate the issue, reports that do not include this information do a disservice by not providing a complete picture. It is universally agreed that IT Security is a leading concern in the industry, the first step toward successful security is identifying vulnerabilities.