Security Consultants - Specialists in Securing Microsoft Windows Servers and Workstations

security consultancy | firewalls | content filters | anti SPAM

Security Technologies and Policies

A small selection of the questions that need asking about every network. If you'd like us to ask you some more, we'd be happy to.

Network Security Audits

Securing a network is an ongoing process. What measures are already in place to protect your network, how often are they reviewed and what should be the priorities for improving them?

Anti-Virus & Anti-Spyware

Are you scanning for both Viruses and Spyware at the perimeters of your network in addition to on the PCs, Laptops and Servers? How is it ensured that all your computers have the latest Virus and Spyware signatures installed? Do any users disable their anti-virus protection to 'speed up' their computer?

Firewalls

How many firewalls are present on your network, only one at the perimeter? Several to protect departments and individual PCs from threats on the LAN? How old is your gateway firewall and it's firmware, is it appropriate for today's threats? How do you protect laptop users when they are away from the office and are their machines quarantined and scanned for Malware before reconnecting to the LAN?

Secure Wireless Networks

Properly planned, they can offer huge flexibility and productivity benefits. Poorly implemented, they may be the biggest single information risk to your business. Could there be Wireless Access Points on your network that the IT department doesn't even know about?

Security Policy & Training

Have you defined what your users can and cannot use your network for? Have they agreed to abide by that policy and do you have the tools to inform you if they do not? How many would recognise an attempt by a skilled Social Engineer to get information from them that could be used to gain access to sensitive data?

Internet Content Filtering

Are the users of your network protected from unwelcome Internet and Email content and made more productive in the process? Are they prevented from conducting illegal activities from your systems? Your organisation may share the liability if crimes are committed using its computers.

Virtual Private Networks (VPN)

Do you have multiple sites that need to share information easily and without risk of interception? Do you have users who need safe access to data from home or whilst travelling? Would your network be protected if an infected computer was permitted access to it?

Patch & Vulnerability Management

How do you stay informed of the risks affecting your systems? Do you have tools to help identify which computers on your network are not adequately patched and to help you deploy appropriate fixes to those that require them?

Data Loss & Recovery

If you suffered data loss because of human error, malicious behaviour by an employee, a virus, a hacker or because of hardware failure, would you be able to restore the lost data? Are you sure? When did you last simulate a restore? Have you identified which data would matter most if it were lost and customised your backup strategy accordingly, or do you treat all data on your network equally?

Network Documentation

If a major problem on your network required outside help to resolve it, would there be up to date diagrams and documentation available to the consultant to help them identify the problem? Would too much precious time be wasted trying to understand how the network was configured before remedial work could begin?

Data Encryption

Do you or any of your staff carry data with you on a USB stick, a laptop or a PDA? Do you encrypt the confidential information to prevent it being read if a portable device is lost or stolen? Your backup tapes should carry strong encryption too. They probably contain the passwords to your whole network as well as large amounts of your organisation's data.

Authentication

Are users of your network prevented from accessing all areas to which they do not have legitimate access? For those areas to which they should be allowed, does their account have more permissions than it really needs to enable them to perform their role? How appropriate is the password policy for your organisation? Have additional measures been considered for preventing unauthorised access to your network?

Working for Fusionic

We are always eager to hear from individuals with extensive network security experience and/or the following accreditations interested in becoming an associate consultant:

MCSE - CLAS - SSCP - CISSP - CCNP

Submit your CV here..