What can or should be tested?
Any way that a company or individual captures, stores and processes information can be tested. The means in which that the information is stored, the network infrastructure that transports the data, and the staff that manage and process the information.
Typical areas to be tested are:
Operating systems of the servers and PCs, networking equipment such as firewalls, routers, switches, applications used on a day to day basis, databases, etc. Also laptop hard drive encryption.
Physical access controls, locks, dumpster diving (or skip scrounging as we British prefer to call it).
Telephony, VoIP, war-dialling, remote access servers, VPNs, etc.
Wireless, a poorly configured WIFI setup is a very easy target for any hacker.
Staff, social engineering techniques, security education.
Once these areas have been tested our penetration tester will compile a report which will be given to you onsite explaining the current vulnerabilities in your systems and how to go about getting these fixed.
Unlike many web design or marketing agencies, we do not run automated software and send you out a long technical Website Review Report on what you or indeed your last developer have missed.
We recognise that the web is evolving at a tremendous pace, one real month is equal to one web year, so what was delivered just a few years ago, may very well be looking tired and dated.
At the four BNI Groups we are members of, we are fully signed up to Givers Gain and offer referral clients 20 minutes of our consultancy time (at no charge).
We cover a range of areas such as "What is the objective of your website?"; "What is your business model?"; "Who is your audience?"; then we can cover User eXperience; Usability; Site Analytics; Search Engine Optimisation (On-Site).
We know the value of both your and our time but we also know that we're keen to build relationships and this approach is the first building block in establishing that mutual trust and respect.