Host Security Assessment
Internal hosts can be vulnerable to a number of attacks if they are not tested through means other than a network assessment. An application running on a critical server may allow an attacker access. Host Security Assessments are critical but frequently are not done on a scheduled, timely basis.
We determine the security of critical servers in your environment. We conduct automated tests of the operating system and application-level security issues and check administrative and technical controls. Identified weaknesses and potential weaknesses are mapped against the risk level to the organization and recommendations are made. We analyze your host security policies and procedures and your risk classification standards for information assets. Key areas we investigate include but are not limited to:
- Secure configuration
- Separation of privileges
- Logging and auditing
- Account Management and Security
- File Management and Security
- Patch Level
- Network Security
- General Security Management
- Intrusion detection methods
- Disaster recovery measures
The diagnostic review will cover the following aspects of security:
- Review security of servers and determine what vulnerabilities exist
- Logging and auditing review
- Account management and security
- Patch and remediation process analysis
- General Security Management on an ongoing basis
Security Architecture Review
Many organizations have ad-hoc security measures in place or have implemented security procedures and technology as needed without a system wide review of what is necessary. Unplanned security architecture can leave holes in the environment that are not readily apparent or security spending can be on the wrong technologies without an understanding of where the risk truly lies in the architecture. A robust security architecture strategy is an end-to-end analysis of potential risk based on business requirements. All applications running and their risk levels have to be integrated with network security requirements and these have to meet practical policy and procedural processes.
Your overall security strategy is the focus of implementing good security measures over time. With a forward looking, detailed architecture, you can fix your current weaknesses, and anticipate future risk and implement mitigation strategies. The Security Architecture Analysis analyzes your current architecture, looking for gaps, operating inefficiencies, areas of security tool cost overrun, areas of weak productivity and misalignment with business goals. A solution will be developed that is specific to the available resources and the business goals of the organization. Risk mitigating measures are developed with security technologies that fit the corporate framework. Key goals of the strategy include:
- Gap analysis of the current and future state
- Security standards review and development
- Security toolkit development
- System-wide policies
- Communication plan
- Implementation strategies
How the Process Works:
Skysoft will go onsite to interview your staff, both IT and security, to understand the current environment. We will review all policies and documented procedures and compare against industry best practices. We will understand the architecture and gain insight into future development and business goals. Strategic and technical recommendations will be made to ensure the architecture is made current with best practices and anticipated future threats and can maintain a secure environment over time.
Security Policy Development
Skysoft will assist your company in creating strong security practices. A Gap Analysis of current policies is conducted, your operating environment is analyzed and policies are then developed. We will require access to all relevant information security policies, standards, guidelines, and procedures. Policies and procedures to be analyzed and evaluated may include:
- Disaster Recovery/Business Continuity Plan
- Account Administration
- Security and Control over Network Servers (Web, databases etc)
- Configuration and Control Over Routers and Gateways
- Firewall Administration Procedures
- Monitoring and Review Procedures
- Remote Access Policies
- Intrusion Detection
- Database security procedures
- Data classification standards
Technology is frequently mis-configured or mismanaged, which in turn introduces points of weakness into the organization. Every device connected to the network has the potential to allow an attacker in. Vulnerability assessment can be used against many different types of systems such as networked based, host based or application based. Vulnerability Assessments are necessary to identify vulnerabilities, but also are necessary to show changes in the environment over time as the organization grows and changes. A consistent network security audit process should be in place.
A practical approach to vulnerability reduction is needed with strategy development. Vulnerability analysis is the front line in securing the organization and a custom built methodology will be developed to utilize your personnel and financial resources to provide the best solution to meet your business needs. We provide a programmatic approach for evaluating technical, administrative and management security controls across your environment. Vulnerability scanning is a necessary tactical approach to securing all the “low-hanging” risk in your infrastructure. We will conduct tests against your Internet perimeter and internal systems using real world attacks techniques, both automated and manual.
Key value propositions for a Vulnerability analysis include
- Methodology development
- Analysis of remediation process and solution development
- Metrics development and reporting
- Manual and automated testing procedures
- Review of network, operating system, application and end-point security measures
- Development of key remediation recommendations
- Policy development to maintain proper vulnerability remediation procedures
How the Process Works:
Skysoft will scan your external and internal networks for vulnerabilities. Once identified, we will attempt to validate the vulnerability and provide detailed recommendations to fix the problems. You may choose to have us do a retest using only automated techniques after you have completed the recommended fixes.
Wireless Risk Assessment
Wireless security has become both an internal and external problem. Companies are implementing wireless infrastructures internally but do not properly secure them. Employees can setup wireless access to the internal corporate infrastructure to bypass security controls or access the network from insecure wireless networks on the road or at home. This poses an entry point into the network that can be hard to control, monitor and audit.
We can provide a Wireless risk assessment that looks at the infrastructure you have setup, policies and procedures in place, test the implementation for vulnerabilities and provide guidance on securing future wireless architectures against emerging threats.
Key aspects of the wireless assessment include:
- Scalability and features of current systems
- Authentication & Encryption controls in use
- Detect rogue wireless AP’s
- Penetration testing of the wireless setup
- Review encryption measures being used for wireless communications
- Review the wireless access of handheld devices that connect to the corporate network
- Test the wireless network for the ability to withstand a Denial of Service attack
- Test the infrastructure to gain unauthorized access to networks and systems
- Review network diagrams of wireless networks and protocols
- Review policies and procedures pertaining around wireless networking
- Provide a gap analysis of those policies and procedures against best practices
How the Process Works:
Skysoft staff will be on-site to review policies and procedure and interview your IT staff. We will conduct automated and manual testing from internal and external perspectives. Once testing is completed, we provide a detailed technical report on the findings and recommended solutions. You may choose to have us do a retest using only automated techniques after you have completed the recommended fixes.
HIPAA Security Rule Assessment
HIPAA Security introduces a variety of organizational and procedural changes that address the confidentiality, availability, integrity and overall security of Electronic Patient Health Information (eHPI) within the HealthCare and Medical Services industry.
We provide our medical clients comparative information and baselines against industry standard practices in addition to the HIPAA mandated review items in the Security Rule. A complete assessment as required under the HIPAA risk assessment specifications includes on-site interviews with personnel, system analysis, policy and procedure review and remediation suggestions.
Skysoft offers Consulting Services to help you comply with the HIPAA Security Rule regulations. Our cost effective approach to security and compliance makes it affordable to any size healthcare organization to be in compliance without cutting any corners. Our comprehensive HIPAA Security assessment service offers and approach based on a five-layer process, tightly integrated with our client’s environment and needs.
- Increase security processes and awareness
- Assess the current state of security
- Develop a comprehensive HIPAA Security policy and authorization levels
- Implement an enterprise-wide security solution
- Hand-off and assist in maintaining a secure, compliant posture