Organisations that invest substantial sums in I.T. systems are rightly concerned to ensure that the security protecting those systems meets the level of security that is commensurate with their needs. Particularly to ensure the integrity of data and protect potential corporate embarrassment as a result of the loss, or compromise of that data.
The irony is that these same organisations often overlook a further critical point: Applying equivalent standards to verify security’s continuing effectiveness.
- External Testing
- Internal Testing
- Application Testing
- Telephone Testing
- Social Engineering
- Wireless Testing
To see a copy of our testing methodology click here
Penetration Testing, provides a method by which the level of security at any given time can be established and whether the desired levels of security are being applied and are current. Frequently, this form of testing is undertaken in-house by those whose familiarity with the network is such that it skews the findings no matter however accomplished, they tend to naturally absorb the culture of an organisation. An asset in developing customised systems, but a serious drawback when it comes to adopting the hostile mindset of an intruder and although this may provide a degree of confidence, periodical independent testing should be undertaken by competent personnel to validate any in-house activity. Automated packages are available, and are in widespread use by less specialist IT firms: the problem with these is that there is an infinite variety of permutations created by differences in operating platforms and configurations, the age of the software and it’s updates, which means that ready-made solutions alone cannot be relied upon, nor does the software have the mindset of a competent intruder or possible access to in-house information.
Our reviews, in addition to conforming to the required standards of detail and accuracy, are concise, user-friendly and come complete with an at-a-glance management summary.
We pride ourselves on submitting recommendations that are intelligible, cost-effective and practical to implement.
Many of our clients have found additional costs benefits, in that by applying recommendations this has led to increased robustness and less downtime of systems.
For more information on our penetration testing services please call +44(0)1529 306284 or email contact@ccc-ltd.com