Some Key Questions:
Are passwords difficult to crack?
Are audit logs recorded?
Are the audit logs reviewed?
Are the security settings for operating systems in accordance with accepted industry security practices?
Have all unnecessary apps and computer services been eliminated for each system?
How is backup media stored?
Is there a disaster recovery plan in place?
Are there user policies in place?
Are there access control lists (ACLs) in place on network devices to control who has access to shared data?
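Several of the questions above can be answered mechanically before any interviews take place. The script below is an added example, not part of the original page or of Marvin and Company's own methodology: it maps the password, audit-log, unnecessary-service and shared-data questions to concrete checks on a Windows domain member. It assumes the ActiveDirectory RSAT module, local administrator rights, and that the thresholds (a 14-character minimum) and the service allow-list are starting points to be tuned per environment; none of those values come from the page.

```powershell
#Requires -Modules ActiveDirectory
# Added example: turns the audit questions into checks on a Windows domain member.
# Thresholds and the service baseline are assumptions, not values from the page.

$findings = [System.Collections.Generic.List[string]]::new()

# 1. "Are passwords difficult to crack?" -- compare the domain default policy
#    against assumed minimums (length, complexity, lockout).
$policy = Get-ADDefaultDomainPasswordPolicy
if ($policy.MinPasswordLength -lt 14) {
    $findings.Add("Password minimum length is $($policy.MinPasswordLength); expected >= 14")
}
if (-not $policy.ComplexityEnabled) {
    $findings.Add("Password complexity is disabled")
}
if ($policy.LockoutThreshold -eq 0) {
    $findings.Add("Account lockout is disabled (LockoutThreshold = 0)")
}

# 2. "Are audit logs recorded?" -- the Security log must contain recent events
#    and logon auditing must capture both successes and failures.
$latest = Get-WinEvent -LogName Security -MaxEvents 1 -ErrorAction SilentlyContinue
if (-not $latest -or $latest.TimeCreated -lt (Get-Date).AddDays(-1)) {
    $findings.Add("Security event log has no events from the last 24 hours")
}
# auditpol /r prints CSV; drop any non-CSV line before parsing.
$logonAudit = auditpol /get /subcategory:"Logon" /r |
    Where-Object { $_ -match ',' } | ConvertFrom-Csv
if ($logonAudit.'Inclusion Setting' -ne 'Success and Failure') {
    $findings.Add("Logon auditing is '$($logonAudit.'Inclusion Setting')'; expected 'Success and Failure'")
}

# 3. "Have all unnecessary apps and computer services been eliminated?" --
#    report running services that are not on an assumed baseline allow-list.
$baseline = @('Dnscache', 'EventLog', 'LanmanWorkstation', 'Winmgmt', 'wuauserv', 'Dhcp', 'W32Time')
Get-Service | Where-Object { $_.Status -eq 'Running' -and $_.Name -notin $baseline } |
    ForEach-Object { $findings.Add("Running service not in baseline: $($_.Name)") }

# 4. "Are there ACLs in place to control who has access to shared data?" --
#    flag non-administrative SMB shares that grant broad groups any access.
$broadGroups = @('Everyone', 'NT AUTHORITY\Authenticated Users')
Get-SmbShare | Where-Object { -not $_.Special } | ForEach-Object {
    $share = $_
    Get-SmbShareAccess -Name $share.Name |
        Where-Object { $_.AccountName -in $broadGroups } |
        ForEach-Object {
            $findings.Add("Share '$($share.Name)' grants $($_.AccessRight) to $($_.AccountName)")
        }
}

if ($findings.Count -eq 0) { 'No findings' } else { $findings }
```

Each finding names the question it answers, so the output can be pasted directly into the assessment workpapers. The checks are deliberately read-only; nothing here changes policy or service state, which keeps the script usable during a first-pass review that has not yet been approved for remediation.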

Security Audit Overview
Physical Security Assessment: A physical security assessment is an engagement that focuses on physical security as it relates to the protection of information technology assets and an organization's information. Physical security includes the physical protection of buildings, computer processing facilities, servers and network devices, physical limitation of access to workstations, and the related policies and procedures. This service can be provided as a stand-alone service or in addition to our Logical Security Assessment. This is an area of IT security that can be audited once and then typically does not need to be re-audited unless there is a significant change to the IT infrastructure or the facilities.

Logical Security Assessment: A logical security assessment is an engagement that focuses on logical security as it relates to the protection of information technology assets and the organization's information. Logical security includes the adequate composition of the domain, the use of Active Directory, password policies and management, logical restriction of areas within a network to those who reasonably require access, and application and system software controls. This service can be provided as a stand-alone service or in addition to our Physical Security Assessment. This is an area of IT security in which even a minor change to the IT infrastructure can introduce new vulnerabilities, so an assessment performed today may not reflect the environment a few months later. Logical security assessments should therefore be performed more often than physical security assessments.

Our General Approach:

  • Interviews with staff
  • Touring facilities
  • Review of policies and procedures
  • Review of security policies
  • Comparison of application and security controls with the design and operation of manual controls
  • Reviewing and documenting the domain and Active Directory structure
  • Phishing attempts or mock physical security attacks (only with the organization's approval)
Copyright © Marvin and Company PC, 2007.