In today's Internet age, the protection of sensitive data has become a top priority for many businesses. MSA Investigations provides Penetration Test and IT Security Assessment services to identify vulnerabilities in IT infrastructure. Penetration Testing and Security Assessment are divided into two stages:
Stage 1 - Penetration Test - Provides a view of the threats faced by the organization from the outsider. Our penetration test professionals do not rely solely on automated security scanners, but take time to develop a cyber profile of the company and then interact directly with the systems to identify vulnerabilities. In this regard, we assume the role of an outsider attempting to penetrate a company's IT defenses, including any vulnerabilities in procedures and staff.
Stage 2 - IT Security Assessment - Identifies weaknesses from within a company's network. We examine the network’s vulnerabilities to identify any evidence of employee wrongdoing or carelessness. Additionally, a review of company policy can be conducted to identify weaknesses in processes and procedures.
MSA Investigations offers the ability for an organization to select the components from each of these stages that meet a company's needs, and implement an assessment plan that will address the particular issues and provide accurate results. Among the steps taken are the following:
- Technical Reconnaissance
- Operating System / Application Fingerprinting
- Wireless Sweeps
- Firewall Rule Set Review
- Router Access Control List Review
- Physical Computer (Server) Access Control (Physical Security Review)
- IT Policy Review
- Domain review – Active Directory / User Accounts / Permissions
- Employee External Access Capabilities
- Revocation Policy of Dismissed Employees
- E-Mail Storage / Access Policy
- Locally Installed Application Review
- Security Interviews of IT Staff and Workforce Control Group
- Log Management
- Back-Up Policies / Storage
- Vulnerability Scanners
To learn more about how MSA Investigations can help shield your sensitive data from network attacks, download The Must-Have Blueprint to Network Assessments and Penetration Testing.