
IT Infrastructure Security
Digital Assurance offer a complete range of IT infrastructure security assessment services which can be delivered individually or as part of a wider engagement containing a number of elements. Our infrastructure assessment services have been developed to provide customers with assurance that their security measures are robust and effective whilst identifying where and how improvements may be made. Typical projects range from the assessment of individual components such as firewalls or secure workstations to assessing whole networks and IT infrastructures from both an operational and architectural perspective.
Scenario-based penetration testing
Designed to provide higher levels of assurance, scenario-based penetration testing is performed from particular perspectives. It will frequently consist of scenarios such as a penetration test performed from a DMZ network to simulate an attacker who has gained access to a DMZ system, or a simulated attack by a contractor with access to the corporate internal network.
Typically an engagement may include testing a number of scenarios. Penetration testing is designed to identify a wide range of security issues caused by software vulnerabilities, configuration issues, process/operational issues, human error and other technical and non-technical factors.
Vulnerability analysis
Vulnerability Analysis (VA) is designed to identify potential vulnerabilities in computer systems. Such vulnerabilities are typically related to software flaws or configuration issues.
Vulnerability Analysis generally seeks to identify known issues in systems rather than to find new or unique problems and will not involve the exploitation of any problems identified. Vulnerability analysis can be performed against Internet-facing systems or internal systems.
Firewall testing and review
A firewall review examines the deployment of a firewall, looking at both configuration and rule-set in an attempt to identify any security issues and, where possible, improve upon both performance and security by rationalising rules based on business traffic requirements.
Wireless network testing
A wireless security assessment seeks to identify security issues and exposures in wireless network infrastructures. These assessments are not limited to 802.11x networks but can also cater for RF modem infrastructures, infrared and RF point-to-point links. Such assessments typically involve examining authentication, access control and confidentiality controls as well as communication availability issues.
End-user device testing
There are many particular security requirements for end-user devices, including protecting against the theft of a laptop or other mobile communication device (e.g. a BlackBerry, mobile phone or PDA). Additional scenarios include ensuring that a user within the organisation cannot increase their privileges on a workstation, Citrix client, or perhaps an Internet kiosk within a company's reception area.
Using specialist tools and techniques, Digital Assurance can ensure that such devices cannot be used for activities outside of their intended use, and that sensitive data held on them, or accessible via remote access mechanisms, cannot be compromised by unauthorised users.
- Laptops
- Kiosk systems
- Mobile devices
- Hardened workstations
Component assessments
Digital Assurance can assess the security of key components within an organisation or infrastructure, including the builds of servers, appliances and gateways (e.g. remote access, virtual private network devices, routers and switches).
Our consultants will review the build of the specific device against best practice whilst always maintaining the specific business requirements for that particular device and complying with both internal and regulatory standards (e.g. Sarbanes-Oxley or Common Criteria) where applicable.