Why a security audit?

A modern, secure IT environment is composed of tons of technological components: next-generation firewalls, anti-virus, -spam, and -malware solutions, web filters, proxies, secure remote access solutions, solutions for authentication, WAN acceleration, application delivery, load balancing, switching, internet VPN connections, wireless solutions, data center security, PKI Infrastructure, web security scanning (PCI), not to mention mobile device management. 

It can quickly become a complicated exercise to keep a clear overview of the current security posture in your organization. Our security audit, also known as the Security Hardening Audit, can help providing the necessary security intelligence.

EASI security audit

What we do during a security audit?

1

Information gathering

The first phase is all about gathering information. EASI’s security engineer will focus on your critical applications and systems and collect all necessary information to perform the audit. This information will be gathered through interviews, data extracts, and supporting documentation. Amongst others, the protection of data and GDPR aspects will be screened. Every systems hardening audit we perform is different: we adjust the audit to fit the exact needs of each and every customer. 

Checks will be performed at different levels:

  • Network: WAN connectivity, Switch, Router, Wireless Access Point, DNS;
  • Cybersecurity: Firewall, VPN, Anti-virus, Anti-spam;
  • Web: Apache/IIS Configuration, Website SSL Rating, Proxy, Reverse Proxy;
  • Endpoints: Laptop/Desktop, Smartphone;
  • Data: Authentication, Authorization & Accounting;
  • Storage: Analysis on data storage;
  • Servers: Backup, Management, Encryption, Windows, Linux, MacOS;
  • Databases: Microsoft SQL, Oracle, MySQL;
  • Mail: IBM Domino, Microsoft Exchange, Office 365, Google Mail;
  • Network Vulnerability Scan.
  • ...
    2

    Analysis and interpretation

    The second phase consists of the analysis and interpretation of the collected information. This will give you a complete view of your IT infrastructure's security across the different layers defined in the first phase. 

    3

    Presentation & recommendations

    In the third phase, we will provide a complete and detailed presentation of the report. This report contains the findings for each of the audited elements, as well as recommendations to remediate the findings. These recommendations are presented in an action plan, consisting of:

    • quick-wins: increasing the level of security in a short time period; and
    • a roadmap: containing structural recommendations for those remediation actions that require more time.

    After this audit, you're free to decide whether you're going to implement the recommendations yourself or with EASI's help.

    Get a quote for a security audit!

    Other security services

    Penetration testing

    Penetration testing (aka "ethical hacking") is a set of actions, performed by Certified Ethical Hackers from EASI, that will replicate malicious behaviors in order to check that your IT infrastructure or the defined scope is correctly protected and configured.

    Vulnerability scanning

    As part of the Vulnerability Scanning As A Service (VSaaS) solution offered by EASI, you are guaranteed to receive instant notifications (and recommendations!) on severe vulnerabilities that are impacting your IT systems and web applications. 

    User Awareness

    Companies often come to us with questions like: “I’ve taken all possible security measurements – firewall, antivirus, anti-spam, web filters, IDP & IPS, etc.- Still, my data has been encrypted by a cryptovirus. What am I doing wrong?” The answer is: You have forgotten your users!

    We are already helping them

    TCM
    Van De Velde
    Friends of Europe
    Klinik St. Josef St. Vith
    assar.jpg
    Maison Marie-Immaculee
    speos Belgium
    iscal-sugar.jpg

    Recent blog articles

    Security
    Maxime Lamarche
    Maxime Lamarche
    27/10/2020
    Since the start of the Covid-19 pandemic and the increase of home working, IT Security has become a real concern for companies. A lot of information about your company, your employees... is available on the Internet but also and most importantly on the DarkWeb.
    Security
    Jérémy Derzelle
    Jérémy Derzelle
    23/10/2020
    Recently EASI actively took part in the Fortinet Xperts Summit EMEA 2020! Amongst all sessions we attended, the "Secure and Protect VMware NSX-T SDDC" and so we think it is a good time to remind you about segmentation.
    Security
    Geert Van de Steen
    Geert Van de Steen
    20/10/2020
    What is the security situation at your home office? Do we have the same level of security at home office as we do when we are in the normal work location? Read on to find out.