 |
Organisations investing substantial sums in IT systems are rightly concerned to ensure that the
security protecting those systems meets the highest standard achievable at the time.
The irony is that these same organisations so often overlook a further critical point: applying
equivalent standards to verification of the security's continuing effectiveness.
Penetration Testing, a series of active tests designed to reveal any shortcomings in security,
must be carried out by independent, competent personnel if it is to do its job thoroughly.
In-house teams, however accomplished, tend naturally to absorb the culture of an organisation:
an asset in developing customised systems, but a serious drawback when it comes to adopting the
hostile mindset of an intruder.
Automated packages are available, and are in widespread use by less specialist IT firms: the
problem with these is that there is an infinite variety of permutations created by differences
in operating platforms and configurations, which means that no ready-made solution can possibly
cover all the angles.
VPNet's security services include:
- Information Security Policy
- Organisations that recognise the importance of security should implement an information security programme that is relevant to everyone, from the cleaner to the chairman. We provide consultancy on formation, implementation and review.
- Network Testing
- VPNet test infrastructure and specialise in applications/scripting. We provide comprehensive, high-quality analysis of design, technical weaknesses, policy and procedural security flaws. To ensure your firewall is blocking what we think it is, we use bi-directional testing is to check that the external threat cannot penetrate internally and internal users can only access external services deemed to be fitting.
- Vulnerability Testing
- Using automated software, we evaluate an organisation's application vulnerabilities. The service is cost-effective and efficient. Reports are presented in a standard format that allows for an easy comparison when repeat testing is performed.
- Social Engineering
- Many areas of business are vulnerable to exploitation (often unintentional) that can result in serious security breaches. Our experience working with an extensive range of companies from SME's to global corporates has equipped us with the knowledge for testing these less obvious potential security weaknesses.
- Security Training
- This should not be viewed as a mere add-on. Traditional training suffers from a lack of focus and a paucity of fresh content. Effective communication of Security concepts requires a ‘demonstrate & do’ approach; traditional training precludes this. Our training can be an integral part of your organisation’s security programme. It is in every way as specialised as the technical testing services that we deliver.
To find out more, please contact VPNet
|
|
