Discovery: the first step in the Audit process
Laying the groundwork before testing defences
You’ve probably heard of Penetration Tests as a method for finding the areas of vulnerability in an IT system, whether it’s a whole network or an individual machine. The thing is, most businesses we speak to are not prepared for such tests as there’s groundwork to do first before you test the defences.
An Idency Audit IT Healthcheck starts with the Discovery phase. All organisations are unique, and we need to understand what you do on a daily basis and what makes your system tick before we look at what needs to be protected – and from whom!Get in touch to discuss
Here’s an overview of how we work out your current situation:
First of all: who are you? What does your business or organisation do, and who are the key players, the stakeholders and the users. How much traffic does your system handle and where does it come from? What does ‘normal’ activity look like in your digital environment?
We’ll need to know what makes up your IT system so we can see what needs protecting and the best way to achieve this. We’ll work with you to create a definitive map of the whole system and its assets, the Operating Systems and software being used. We’ll also look at the access points for your network.
At this point, we can run some high-level vulnerability scans to get a sense of which assets are the weakest parts of your system. This will give us a list of priorities for you to address to protect your system and other steps to take for your general cybersecurity.
We’ll also run some network scans across your organisations digital infrastructure to make sure that it is as tightly-controlled as it should be for your purposes and requirements. This process will also ensure that we are able to locate and find out if there are any issues with the software and services running on your organisations network.
Attack Surface Modelling
Points of possible access, or attack vectors, of a system is known as the attack surface. This is the map of locations an unauthorised user could use to enter and exploit a system to extract data or install malware. Fewer attack vectors, means smaller attack surface, which means easier to protect. We will help you map the attack surface to optimise your security.
Our assessments can help you evaluate your risk and quantify the return on investment of implementing defences.
Get expert advice and contact Idency today.
To arrange a meeting to discuss an IT security heathcheck for your business, please contact us.Get in touch