IT Security Audits
AUDIT SERVICES
DISCOUNT
If you order through LGOL all Audit Services orders will attract a 7.5% discount on the prices shown on the Price List
Computer System and Network Audit Services
Security threats can manifest in a variety of ways involving human and non-human intervention. A typical audit involves an in-depth examination of servers, network components, the physical environment and an intrusion test. The level of protection is assessed against the amount of risk to the organisation. Policies, procedures, overall management and other mitigating factors are also scrutinised to ascertain compliance to corporate mandates and a comprehensive report is produced for the client highlighting the major areas of concern.
Risk management is becoming a big issue for large organisations and the Government sector. Auditing completes the compliance loop by highlighting the areas where you are at risk. In some cases you may already have policies that mitigate the risks, but are not complying with them and in other cases you will need to develop policy and procedures to ensure that gaps are closed in the future.
Audits can be customised to target specific areas of concern should a client suspect that anomalies exist within their IT environment. If you don’t require a full audit but want to check for a specific vulnerability such as weak passwords, unpatched servers, or email server configuration we offer a mini audit service. This is not expensive and is a good way of ensuring the basics are correct before your next major audit.
All work is scheduled with the agreement of the client and carried out on the basis of a fixed price quote. Confidentiality and professionalism is guaranteed.
Website Vulnerability Analysis
Websites are developed with a variety of purposes in mind and this is reflected in the complexity of the design. Should the website be compromised, the effects may not only damage the reputation of the organisation, but include the flow on effect of loss of sales, loss of customers, legal actions and even reparation.
Unfortunately, developers of websites range in competency from very bad to excellent and if the website functions, it is not always apparent if the code has been written well or is sub-standard. This will, however, have a huge bearing on how easy it is to gain unauthorised access to the site.
Kaon Technologies has the tools and the expertise to provide an independent assessment of websites in order to determine vulnerabilities and weaknesses. A comprehensive report and test results are provided at the end of the analysis highlighting any areas susceptible to attack. During the vulnerability process we perform a thorough investigation of the site, exploring it for code, pages and links that may have been left as a result of default installation or the development process.
As new threats are being discovered in the wild all the time, scan websites at least annually to check for vulnerabilities. Testing before your website goes live, or after any major upgrades or changes will provide assurance that the Council is not a susceptible target for hackers and mischief makers.
