Phonesec - Digital risk management

 

Configuration audit

 

Optimising the right configuration of an IT item

The audit on the ’right’ configuration aims to optimise security for an IT item (Server, Database, Firewall, IPBX/PABX, SCADA) depending on known threats and a known or own security reference document.

Your concerns :

  • Limit the impact of exploiting known vulnerabilities
  • Optimise the protection level for sensitive items in the infrastructure
  • Asses how far the security standard is being followed

Our solution :

Our Security experts carry out configuration audits on all types of IT items that are thought to be sensitive.

  • Network configuration audit : active and passive equipment configuration (firewall, routers, etc.), logic architecture, mailing plan, automatic vulnerability detection, telecom links.
  • Server configuration audit : security devices (anti-virus, IPS, IDS), authentication, cryptography, updates and patches, exploitation systems, network and internet services, ports, messaging service, databases.
  • Application configuration audit : managing profiles and privileges, managing data formats, cryptography, authentication. 

Our Methodology :

Our Security experts use professional tools that can quickly verify a large number of checkpoints (rights on file, current updates, shares, account management).

Vulnerability research revolves around knowledge of reference documents, rules or configuration guides.

Our Deliverables :

Our own methodology for sending out the security audit results gives our contacts access to an expansive information summary.

The deliverables provided by our experts (detailed technical report, vulnerability summary table, managerial summary) are handed out during the restitution meeting and presentation of technical recommendations.


 
 
Legal notes - © Phonesec - All rights reserved - 27 Bd Charles Moretti - 13014 Marseille - France