The Envuo IT Audit and Compliance Group offers four specific Security Assessment services designed to help you identify security vulnerabilities before they happen, and plan remedial actions to correct these exposures.
Our Security Assessment services help identify threats to your network security infrastructure and processes, including data vulnerabilities, hardware and software vulnerabilities, transmission vulnerabilities, configuration errors, and leakage of sensitive information
Business challenges
Many organizations who request this service are often trying to address these questions.
- How are we doing?
- Is my information secure?
- We have many issues, what do we fix first?
- Can I get a second set of eyes on my systems?
- We know we have many security controls in existence — are they also working effectively?
- How are we doing compared to similar companies and to best practices?
- Can I satisfy my IS/IT regulatory compliance requirements?
- Can I get a baseline security assessment to prioritize our risk and give recommendations for risk mitigation?
Envuo’s approach
With a comprehensive information security vision in mind, an important next step is to perform a security assessment. This enables institutions to better identify, manage and mitigate their information security risks. Such an assessment can be focused on the entire institution, a business division and/or on specific business processes, depending on the company’s dominant risk concerns.
The result of an information security risk assessment is a clearer understanding of an organization’s current security and risk situation, as well as a remediation roadmap to close any gaps that are identified.
Security Assessment Services
Our team travels to your location to do on-site data collection and analysis. Then we do additional work off-site to research specific issues regarding your infrastructure and document our findings and recommendations. While each project is custom-scoped depending on your needs, a typical scope includes:
External Vulnerability and Penetration Testing
For a complete and consistent approach, the utilizes industry best practices and methodologies for penetration testing. There are four major phases to the Internet vulnerability and penetration tests:
- Reconnaissance and Information Gathering
- Enumeration
- Vulnerability Scanning
- Attack and Penetrate (Optional)
Configuration Audit
The Configuration Audit looks configurations of Network devices, systems to determine if they are aligned with industry best practices and regulatory requirements such as: PCI, GLBA, HIPPA etc..
Internet Infrastructure Security Assessment
Envuo will perform a hands-on assessment of the configuration of your Internet architecture, including:
- Firewall
- Architecture and Design
- DMZ Host Vulnerability Assessment
- Managed Security Services – Service Level Testing
Internal Network Security Assessment
Envuo focus on Security policy, network & data segmentation, network architecture, patch management, and the security of workstations and servers on your network are all evaluated, and custom analysis is used to verify that traffic on the network conforms to corporate security policy.
- Network Architecture and Segmentation
- Authentication and Access Control
- Firewall and Router Configuration
- Patch Management
- System Configuration and Hardening
- Confidential Data Handling
- Spyware, Malware, Anti-Virus
- High Availability and Single Point of Failure Analysis
Wireless Security Assessment
Envuo will evaluate the configuration of your 802.11x wireless network implementation, including:
- Rogue Access Point Detection
- Ad-hoc Wireless Device Detection
- Wireless Architecture Review
- Wireless Encryption Key Cracking
Contact Us
For more information about how Envuo can help, please contact us by filling out the form below or email info@envuo and someone will contact you as soon as possible.
Home Services Solutions About Us Contact Us Partners
© All rights reserved 2017 – Envuo, LLC.
envuo.com 