Penetration Testing – What Should you Test?

Are you still confused about Penetration Testing? Many organisations know they need a test to evaluate the security of their IT system but remain unclear on what should be tested.

All elements of your information technology system can be tested, including any method that your organisation uses to capture, store, process or communicate information. It also includes the most important elements of your system (and the highest security risk!), which are your administrators and users.

Examples of what can be tested include:

  • External & internal access to the network
  • Hardware & software network infrastructure
  • Software; including operating systems, applications and databases
  • Wireless (WIFI, Bluetooth, etc.)
  • IP Telephone systems
  • Staff screening and assessment.

But what should be tested?

IT Governance recommends that you consider conducting a risk assessment to indentify the major threats to your system and align the potential damage that they may cause with the key objectives of your organisation. These risks may include the loss of confidential information, the failure of communications, or the failure of a business critical system such as an e-commerce site. If your organisation is already compliant with information security standards, such as ISO 27001 or PCI DSS, you will already be aware of this approach and should know exactly what you would require from a routine penetration test.

What makes the IT Governance Penetration Testing service unique?

Advising our customers on risk assessment and the management of risk mitigation strategy is the cornerstone of our business. IT Governance has a long and distinguished history in the provision of information security expertise and solutions, and is widely known for its work in helping organisations achieve compliance with the PCI DSS and ISO/IEC 27001:2005 standards. Our Penetration Testing service builds on this foundation to provide the highest quality security testing of your IT networks and applications.

Why should you choose IT Governance for your Penetration Testing service?

  • Practical risk assessment to ensure testing meets all security objectives
  • All types of testing provided including system, applications and staff assessment
  • Qualified Certified Security testers employing the latest ethical techniques
  • Comprehensive testing report outlining all appropriate remedial actions.

Please take the opportunity to contact us directly to discuss your requirements and find out how you can book your Penetration Testing Service. Our Customer Service Team will be delighted to hear from you and, if required, can arrange for one of our consultants to call you for a no-obligation chat.

For further information, please e-mail servicecentre@itgovernance.co.uk
or call on 08450 701750.

 

IT Governance Penetration Testing Services