Why a security audit?

A modern, secure IT environment is composed of tons of technological components: next-generation firewalls, anti-virus, -spam, and -malware solutions, web filters, proxies, secure remote access solutions, solutions for authentication, WAN acceleration, application delivery, load balancing, switching, internet VPN connections, wireless solutions, data center security, PKI Infrastructure, web security scanning (PCI), not to mention mobile device management. 

It can quickly become a complicated exercise to keep a clear overview of the current security posture in your organization and to know where are the priorities. Our security audit, also known as the Security Hardening Audit, can help providing the necessary security intelligence.

EASI IT Security Audit Team
Thomas Van Eeckhout CEO NL

The CEO's viewpoint

"As an entrepreneur today you face many challenges and often IT infrastructure is your last concern. Whichever way you run it, digitization has ensured that IT is closely intertwined with the operational side of your organization. A data breach or hacking can cost a lot of money, not to mention the additional image damage. IT may not be the focus of your business, but those who aren't strong need to be smart. An IT security audit is an ideal starting point to start working on the IT maturity of your company at your own pace".

Jean-Michel Block CIO EASI

The CIO's viewpoint

"IT never stands still, just like the company you work for. The infrastructure is becoming more and more complex, the applications your employees use are becoming more and more numerous, and is your team growing along with it? As a CIO or IT Manager, it is becoming increasingly difficult to maintain a complete overview of the entire IT infrastructure and security. An IT security audit is a perfect starting point to determine the best strategy. And whether you carry out the recommendations after the audit yourself or have them done by EASI, is entirely up to you".

Toni Turi CFO EASI

The CFO's viewpoint

"The choice between spending money on improving your IT infrastructure or paying hackers to release your data is easily made. As a finance manager, I prefer to maintain full control and prefer a clear picture of the TCO of my IT environment and security. First and foremost, I want to know which priorities I want to spend my budget on. An IT Security Audit is the perfect tool for this: it is an in-depth analysis that helps me to guarantee the continuity of my business operations".

Advantages of an IT Security Audit

IT maturity at your own pace

During an IT security audit, our experts uncover all the pain points of your IT infrastructure, followed by concrete advice. How and if you apply these, you decide for yourself and at your own pace. Through the analysis, we can offer forward-looking scenarios in which your IT infrastructure and security grow along with your business objectives.

Cost-efficient

Whether you are conducting an IT security audit in the aftermath of an attack, want your IT security to gradually grow with your business, or want to migrate to the cloud: an IT security audit is always adapted to your budget. The audit exposes quick-wins and creates a roadmap in which your expectations, needs, focus and costs are aligned.

An insurance for your business

Periodically performing an IT security audit is like taking out an insurance on your business: an insurance for continuity. The results of the audit will help you determine the right strategy, implement the right action plan and alleviate your worries. You also protect yourself against possible unnecessary costs in case of data breaches.

"You can no longer take out life insurance if it is too late"

For IT security this also applies: you are better prepared than too late.

What we do during a security audit?

1

Information gathering

The first phase is all about gathering information. EASI’s security engineer will focus on your critical applications and systems and collect all necessary information to perform the audit. This information will be gathered through interviews, data extracts, and supporting documentation. Amongst others, the protection of data and GDPR aspects will be screened. Every systems hardening audit we perform is different: we adjust the audit to fit the exact needs of each and every customer. 

Checks will be performed at different levels:

  • Network: WAN connectivity, Switch, Router, Wireless Access Point, DNS;
  • Cybersecurity: Firewall, VPN, Anti-virus, Anti-spam;
  • Web: Apache/IIS Configuration, Website SSL Rating, Proxy, Reverse Proxy;
  • Endpoints: Laptop/Desktop, Smartphone;
  • Data: Authentication, Authorization & Accounting;
  • Storage: Analysis on data storage;
  • Servers: Backup, Management, Encryption, Windows, Linux, MacOS;
  • Databases: Microsoft SQL, Oracle, MySQL;
  • Mail: IBM Domino, Microsoft Exchange, Office 365, Google Mail;
  • Network Vulnerability Scan.
  • ...
    2

    Analysis and interpretation

    The second phase consists of the analysis and interpretation of the collected information. This will give you a complete view of your IT infrastructure's security across the different layers defined in the first phase. 

    3

    Presentation & recommendations

    In the third phase, we will provide a complete and detailed presentation of the report. This report contains the findings for each of the audited elements, as well as recommendations to remediate the findings. These recommendations are presented in an action plan, consisting of:

    • quick-wins: increasing the level of security in a short time period; and
    • a roadmap: containing structural recommendations for those remediation actions that require more time.

    After this audit, you're free to decide whether you're going to implement the recommendations yourself or with EASI's help.

    Let others reach their full potential: that's what we're going for

    Maxime - EASI - team coordinator security

    Maxime

    Team Coordinator Security

    Specializations: Design & implementation of Security solutions. Ethical hacking (Red team) 

    Strengths: Go-getter & customer-oriented

    Why choose EASI: "How I feel, customers do not simply choose EASI for advice on the security of their IT infrastructure. No, they trust us because we guide them through a process that they decide for themselves. During an IT security audit, it is logical that the customer is at the center. Moreover, our people constantly update their knowledge in order to always be able to offer the best approach and technologies."

    Quincy EASI security & infra Sales

    Quincy

    Account Manager

    Specializations: IT security & Workplace modernization 

    Strengths: Team player & Pragmatic

    Why choose EASI: "I think customers choose EASI because we combine high-level management expertise with many technical experts, which makes our reports very concrete, realistic, pragmatic and actionable. As an Account Manager, I try to work as transparently as possible: you know from start to finish what the project is going to cost you. I always keep the TCO of the customer in mind because a higher level of security does not immediately mean that it has to be more expensive: sometimes it can just be done in a more efficient way."

    Gianni EASI Technical Engineer

    Gianni

    Technical Engineer

    Specializations: Network security technologies 

    Strengths: Analytical and critical thinking with attention for people

    Why choose EASI: "We have the people who can think through a process or technology and identify the risk for the company. The most important thing is that they can immerse themselves in the technical aspect without losing themselves in the details and arrive at data-driven conclusions. EASI attaches great importance to all levels, from the most detailed technical person to the highest C-level. During an IT security audit, we cover all aspects of security in order to deliver the best security roadmap".

    Get a quote for a security audit!

    We are already helping them

    assar.jpg
    Synlab
    Gaming1 logo
    Maison Marie-Immaculee
    Médecins Sans Frontières
    Iris Cleaning Services
    Van De Velde
    Ter Molst

    Other security services

    Penetration testing

    Penetration testing (aka "ethical hacking") is a set of actions, performed by Certified Ethical Hackers from EASI, that will replicate malicious behaviors in order to check that your IT infrastructure or the defined scope is correctly protected and configured.

    User Awareness

    Companies often come to us with questions like: “I’ve taken all possible security measurements – firewall, antivirus, anti-spam, web filters, IDP & IPS, etc.- Still, my data has been encrypted by a cryptovirus. What am I doing wrong?” The answer is: You have forgotten your users!

    Vulnerability scanning

    As part of the Vulnerability Scanning As A Service (VSaaS) solution offered by EASI, you are guaranteed to receive instant notifications (and recommendations!) on severe vulnerabilities that are impacting your IT systems and web applications. 

    Recent blog articles

    EASI
    Laurent Boveroux
    Laurent Boveroux
    06/11/2020
    Renauld Duchesne, Executive Business Manager of the Security department at EASI, talks about the challenges of his position and shares his vision for the future of cybersecurity at EASI.
    Security
    Maxime Lamarche
    Maxime Lamarche
    27/10/2020
    Since the start of the Covid-19 pandemic and the increase of home working, IT Security has become a real concern for companies. A lot of information about your company, your employees... is available on the Internet but also and most importantly on the DarkWeb.
    Security
    Jérémy Derzelle
    Jérémy Derzelle
    23/10/2020
    Recently EASI actively took part in the Fortinet Xperts Summit EMEA 2020! Amongst all sessions we attended, the "Secure and Protect VMware NSX-T SDDC" and so we think it is a good time to remind you about segmentation.