| The ICS Securities Consulting Team works with its customers to design and execute an assessment, through the penetration testing of their computers and network security. In accordance with the evaluation requested by the customer, ranging from a “Web Server Probe” to an “All-Out Attack” of the network, we gather as much information as we can about the target. As we learn more about the target and its network connectivity, we begin to probe for weaknesses. Some weaknesses include, old or un-patched software, poor configuration of Web Servers, disabled security controls and default or poorly chosen passwords. As vulnerabilities are found and exploited, we document how we gained access as well as whether or not anyone at the organization detected our entry. In almost all instances, the customer is not informed of our planned attacks. When the penetration test is concluded we work with the customer to address any and all issues we have discovered, develop and deploy security policies, and train and educate staff. |
|
Security Assessment: |
The first step in security is to assess the strengths and the vulnerabilities. At this stage we commit ourselves to briefly testing the system in order to expose topical vulnerabilities. Many vulnerabilities in IT security that are immediately exposed in the assessment are due to lack of training and precaution. |
| Penetration Testing: |
After the assessment, a comprehensive test is performed where our IT professionals attempt to recover certain “objects” from the system that would normally be protected. The purpose of the penetration test is two fold; First off, it provides an in depth analysis of the total system and it’s vulnerabilities. Secondly, It provides the specific guidance needed in structuring a new security policy for your business. |
| Patch Work: |
After the penetration test, all discovered vulnerabilities are patched. This step prevents the possibility of a future malicious attacks on the system. |
| Security Policy and Planning: |
The most important part of receiving a security audit is learning from it. Many security vulnerabilities are immediately tied to the lack of education of employees and business associates. We understand fully that in order to succeed, focus must be spent on core competence. Therefore we understand that IT security isn’t your job, it’s ours. At this stage, with your cooperation, we strategically develop a security policy that is specifically catered to your businesses' needs. |
| Training and Education: |
After the new security policy is in place, we work with your company to train staff members and answer questions that will arise due to the implementation of a new policy. We’re here when you need us. |
Maintenance:
|
The last step in successfully securing your IT platform is an ongoing maintenance plan. This plan includes monthly audits and security updates for both personnel and systems. |
| |
|
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
