IT systems in business grow organically and can scale over time. The IT system requirements will evolve and usually this evolution does not happen in parallel with the evolution of the security systems.
There are 6 Threat Vectors which considered to cover all the areas in which IT security could be breached. A security solution is only as strong as its weakest policy or system, without coverage of these 6 Vectors a Security Policy is not effective.
The 6 Threat Vectors Custard consider to require analysis are: Network, Email, Users, Web Sites, Remote Users and Mobile Devices.
Businesses typically invest all their IT budget into Firewalls and Encryption but someone could very easily accidentally leave their laptop with no password and Saved RemoteApps credentials on a train and it could land in the wrong hands.
Studies show that remote attacks are now much more likely to target mid market business than large organisations like banks as the attackers know that their IT budget is usually spent on improving usability of systems or getting bells and whistles rather than intrusion prevention or security hardening.
Goals of an attack may differ but motives include Ransom for Data, Corporate Espionage, Leaking of Information to Damage Credibility or destruction of Data to cease productivity.
Custard can perform a comprehensive audit to list down how your company operates in these 6 areas, what policies there are in place, what defences there are currently in place and how any threats in these areas could be reduced or removed.
Our audit comprises of a report on the results from fact finding and analysis. This includes recommendations on how to combat the issues raised within each of the 6 threat vectors.
The audit also includes the results from a 10-Hour Vulnerability Scan performed on each Web Service. These scans are important because Web Applications are usually the Window into your Organisation which an attacker will peer or attempt to gain access through.
Please fill in the form below if you would like a Quote to have an audit performed of your systems.