Our objective is to perform an evaluation without disrupting day-to-day business. Therefore, our auditors perform much of the network security assessment outside of standard business hours. However, this is not always possible because proper evaluation for some components require that the auditors evaluate normal business processes.
What areas are covered?
- Asset management and classification
- Business continuity management
- Environmental and physical security
- Human resources security
- Incident management
- Information security
- Information systems
- Internal policy compliance
- Legal compliance
- Operations management
- Security access controls
- Security organization and personnel
- Security policy and process
Penetration testing and assessment focuses on attacking the network internally rather than externally. Our auditors exploit vulnerabilities and seek to acquire high-level access. There are generally more unassuming vulnerabilities from an internal perspective. We thoroughly test security because severe network compromises almost always originate within the network. Internal attacks are not always malicious attempts by employees. They are often vulnerabilities introduced via emails and malicious websites. Our task is to analyze all entry points for weakness, and to ensure that an internal attack cannot compromise the integrity, confidentiality, or availability of the system.
Regulatory Compliance with iQmedia will facilitate additional resources and allow your firm to safeguard against non-compliance and keep pace with all the new and changing regulatory requirements. iQmedia alleviates your companies compliance struggles.
While the ultimate responsibility, by regulation, remains with the firm, an Outsourced solution from iQmedia adds an additional layer of certainty.
Social Engineering Security Validation Testing
IQmedia will insure Social engineering is not used as a persuasion and/or manipulation to acquire unauthorized access. Email, telephone and physical social engineering campaigns can be used to persuade users to release personal information.
Secure VPN Design Solutions and Testing
Our remote access configurations have the following in mind…security, flexibility and accessibility. What good is a secure connection to your data if it is too cumbersome and difficult to access? We will design a user friendly secure VPN solution that will assist your business, not hinder it.
External Network Testing
Our External Testing will expose network vulnerabilities within your Internet facing network and illustrate how an attacker can exploit and compromise your network to gain access to sensitive data. Once we issue our findings we will provide recommendations to rectify and strengthen the network.
Internal Network Testing
Our internal Testing will expose network vulnerabilities within your internal network and illustrate how an attacker or internal users can exploit and compromise your network to gain access to sensitive data. We will look at company usage policies and security practices. Once we issue our findings we will provide recommendations to rectify and strengthen the network.
Wireless Security Testing
Wireless Security Design and Testing Services calculates the security of your organization’s wireless operations. We also remedy and provide recommendations for future improvements.
Firewall Security Testing
Firewall Security Testing is instrumental in identifying vulnerabilities that can lead to network security breaches. This is a specific network penetration test performed internally and external of your network.
Active Directory Diagnostics
Active Directory Diagnostics are critical due to the Roles Active Directory plays in your Microsoft environment. The diagnostics permits us to identify security vulnerabilities. As a Microsoft partner we have full access to Microsoft, in the event changes are needed.