Security

Cedval Certified Security

Crooks trolling small business” reads a headline in a recent Montréal Gazette article. According to this article, fraud costs almost $20 billion per year.   The increasing use of technology ensures that companies are increasingly exposed to a greater number and variety of attacks.  Identity theft, phishing attacks, computer viruses, hackers and more are some of the many ways crooks can target businesses, small and large alike. Because of this, companies are starting to realize that a good security posture can actually increase their competitive advantage. Many companies are using new and advanced technology to help them become mobile and to ensure the fastest response to their business needs.  As this technology becomes heavily used, it is increasingly important to ensure the security of all that information.

“It is up to every owner to conduct a thorough risk assessment of every vulnerability and to take proactive measures to reduce exposure.”

Cedval info can help you with your initial assessment, and can ensure your continued good security posture.  The initial evaluation consists of an evaluation and limited exploitation attempts to ensure that we tailor our testing and findings to your specific environment, as well as providing an added level of security.   If requested, we can also provide an ‘ethical hacking, ‘ service through which, at an agreed time period and after a signed Rules of Engagement letter, we will perform a comprehensive ‘attack’ against your network  that can uncover even the most obscure vulnerability.  This combination of in-depth testing and ongoing verification is fundamental to your continued security and can greatly help in SOX, C-198 and GxP compliance.

Once this initial evaluation has been performed, Cedval Info can provide a security assessment of those portions of your network that are exposed to the Internet on a monthly basis to ensure an ongoing healthy security posture. Using a combination of automated tools and human interpretation, Cedval Info will provide a comprehensive report on your internet security posture.  This report will provide you with complete technical information on the following items, as well as providing you with a summary containing interpretation and recommendations for their  remediation:

  • Verification of systems against the most recent discovered security weaknesses
  • Vulnerabilities of exposed systems that may allow a remote control of that system
  • Web site configuration anomalies
  • Exposures that may allow access to sensitive data
  • Open email relays that may allow your system to be used to send spam
  • Denials of service against through the use of mangled packets to cause TCP failure
  • Vulnerable security settings
  • Non compliant configurations
  • The presence of some sensitive data such as social security numbers or credit card data

An example of a typical report is as follows: