IT Health Check

Your challenge: ensure that IT security controls are in place to protect your business

Do you have robust oversight of your information security? Do you have overarching insight into the effectiveness of your security plan? Do you know which IT security controls you currently have in place, how effective they are or what additional IT controls you require?

An IT health check answers these questions and, more importantly, provides senior management with an independent and comprehensive oversight of your organisation’s IT security and its challenges, giving them detailed advice for improvements.


Our IT Health Check solution

External testing:

The scope for external testing will include all Internet-facing systems, such as email servers, web servers and defence systems – such as firewalls – that you’ve implemented to prevent unauthorised access via the Internet to your organisation’s network.

Any third-party suppliers that have access to your systems will also need to be included, and should be tested as an external connection.

Internal testing:

Combining vulnerability scanning with manual analysis of your internal network, internal testing has a broad scope and should include as a minimum:

  • Desktop and server build and configuration, and network management security; 
  • Patching at operating system, application and firmware level; 
  • Configuration of remote access solutions (including solutions for managed devices and BYOD); 
  • Build and configuration of laptops and other mobile devices, such as phones and tablets used for remote access; 
  • Internal security gateway configuration ; 
  • Wireless network configuration; 
  • Database configuration security review; and 
  • Firewall configuration security review.
The vulnerability scan will need to cover your entire network, including your end points, servers, devices, appliances and device applications.

Advantages of an IT Health Check

  • Identifying and resolving vulnerabilities in your external systems allows you to stay ahead of the criminals and better protect your information assets from unauthorised access or change via an external connection. 

  • Scanning your internal systems provides you with assurance that there are no critical weaknesses in your network infrastructure or individual systems that could lead one internal device to affect the security of another.


Why choose IT Governance? 

  • We help you scope the project to save you time and money and deliver an effective and efficient IT health check. 
  • Our CREST-accredited penetration testing services provide you with the technical assurance of an expert information security partner. 
  • Any work we carry out for you – whether a test of your networks, your applications or your staff – provides you with new methods for fortifying your organisation’s cyber resilience. 
  • Our reports and advice give detailed recommendations in clear and accessible language that can be easily followed by engineering and senior management teams alike. 
  • Establishing how processes, systems and IT infrastructures need to change.

Companies using our penetration testing services

"I personally find the final report provided by IT Governance to be excellent…. It contains the depth of knowledge I require to accurately and effectively determine our system security improvement plan for the next 12 months."

Wez Edwards, Senior Systems Architect, S2 Partnership LTD


Speak to an expert

For more information and guidance on penetration testing or packages IT Governance offers, please contact our experts who will be able to discuss your organisations needs further.

 

top
Risk Assessment
Workshop
- 22 Oct