Information Security Assessment
Nearly every organization suffers from security vulnerabilities. Enterprises with remotely located offices are particularly at risk. Cutter Consortium's information security assessment will help you determine how secure your organization is today, and identify areas that are vulnerable to security breaches. Cutter's security assessment engagements will include a review and evaluation of:
- Design and architecture of the enterprise network
- A characterization of plausible threats and key assets which are to be protected
- Review of policies and procedures regarding network access; physical security; authentication; privacy; confidentiality; system administration; backup; acceptable use; hiring and termination of employees; information sharing with contractors, vendors, arms-length subsidiaries and partners
- Implementation review of configuration of key components with security implications (routers, firewalls, switches, remote and wireless access and VPN, mail gateways, virus filtering, voice mail) or which have reputation exposure (the web site)
- Visits to locations with network connection points to assess vulnerability in the areas highlighted above, as well as physical security
- Scanning all networked/accessible devices for vulnerabilities (using scanning tools)
- Scanning all available PCs for malware/spyware
The engagement will provide assessment findings, pointing out risky practices and gaps with good or best practices, and recommendations for changes in policy, process, and implementation that are culturally appropriate for the assets being protected and that will improve your organization's stance on information security.
Cutter Consortium's information security assessment delivers a suggested strategy for both restoring security levels and for ensuring your enterprise maintains good practices going forward.