The tests will start with a penetration test performed by one of our skilled engineers. A penetration test is a simulated network attack. Think of it as a war game for the network and systems security staff. It is an excellent way to test the robustness of your security posture and to determine if your network defences are successful in detecting and deterring an attacker.

The next step is to analyse the design of the network and computer systems to identify any possible shortcomings:

• Check if the firewall and/or proxy are configured and installed to deliver maximum security, not only from attacks from the outside, but also to ensure that your employees are not able to endanger your network by running potentially dangerous software (e.g. peer-to-peer software used to exchange MP3, movies and pirated software)
• Security check of a sample of workstations. This will assure that workstations are well protected against viruses and other malicious software.
• Verify that your e-mail servers are configured correctly so that they cannot be abused for spamming or the sending of fake/malicious e-mails.
• Check the security of the web server.

Deliverables

Bellua will deliver a formal report including an executive summary, a summary of your organisation’s security position in the context of people, processes, and technology, and recommendations to address shortcomings in the face of identified threats to the organisation.

Security Experts

When participating in the Information Security Health Check programme, Bellua will actively work with you to mitigate the identified threats and vulnerabilities and improve your overall information security based on your own objectives and risk appetite. The Information Security Health Check is performed by an experienced Security Expert with a strong background in business and IT. Bellua Security Experts hold several security accreditations including internationally recognised ISO 27001, CISSP and CISA.