Security audit to find gaps in online defences


April 17, 2012

When it comes to online security for commercial concerns, most people tend to think of hackers sitting in darkened rooms, hammering away at a firm's firewalls or sending out virus-laden emails to break through online defences from the inside.

While these features are common enough in the digital space, in no way should they be allowed to form the be-all and end-all of a firm's security protection measures.

This is because a dedicated attacker is more likely to utilise a range of angles in order to gain as much information as possible before they take decisive action.

These stalking activities can include some truly innocuous approaches – phone calls asking for specific staff members, emails 'accidentally' addressed to the wrong employee and even direct social engineering attempts in face-to-face meetings.

In the busy work day these small details can easily get lost as employees focus on their tasks, otherwise unaware that they have given away a valuable piece of information to a malicious party.

To get a full-spectrum analysis of the weak points in a firm's security protocols, a security audit known as a "red cell" test can be undertaken that simulates a real-world approach to gaining access to privileged information – with the added bonus that the details will remain in confidence.

Red Cell
Technical Risk Assessment
Vulnerability Assessment

Leave a Reply

Your email address will not be published. Required fields are marked *