A Real World Assessment of Your Internal IT Security Risks

Why Do This?

  • You have to (compliance)
  • You never have (curiosity)
  • You should (due diligence)

What is This?

An expert review and testing of your internal IT security (behind the firewall). We assess how you have architected the network and perform technical scanning to look for the more technical vulnerabilities.

When Should This be Done?

  • At least annually
  • After changes to your configurations
  • After changes to your hardware
  • As you are required to
  • As often as you want

Who Conducts the Assessment?

Seasoned information security professionals. FRSecure performs hundreds of these assessments annually; each customized to the organization we assess.

What Regulatory Organizations Require or Promote this Type of Assessment?

  • GLBA (Banking)
  • NCUA (Credit Unions)
  • HIPAA (Healthcare)
  • SOX (Financial)
  • PCI (Credit Card)
  • SSAE16 (SOC 2)

What Other Types of Security Assessments Should I Consider?

Full Information Security Assessment including Administrative, Physical, Internal Technical and External Technical security.

How Exactly is Internal Vulnerability Assessment Done?

A Review of the Network Architecture and Management Practices

  • Network Connectivity
  • Remote Access
  • Directory Services
  • Servers and Storage
  • Workstations
  • Mobile Devices
  • Logging and Alerting
  • Vulnerability Management
  • Backup and Disaster Recovery

Vulnerability Scanning on the Internal Network

  • Tests for password policies, system permissions, required auditing and system settings that are common in all networks
  • Tests for user auditing settings, such as their password complexity and logging access failures and logons that are common in all networks
  • Tests conducted against a database of 47,000+ known vulnerabilities
  • Tests for the existence of sensitive files and data leakage
  • Tests against known good configurations

Analysis of the Collected Vulnerability Data

  • Risk analysis and quantification
  • Removal of insignificant data from results
  • Prioritization of the risks identified
  • Recommendations for remediation and ongoing maintenance

How do I Get a Quote?

Talk to FRSecure to make sure this is the right kind of testing for you as there are many different types of this testing that you may need to consider. Have ready the number of workstations, users and staff on your network.

vulnerability scan

FRSecure on FacebookFRSecure on LinkedinFRSecure on TwitterFRSecure on Youtube
FRSecure
FRSecure is a full-service information security management company that protects sensitive, confidential business information from unauthorized access, disclosure, distribution and destruction.