Information Assurance

Technical Audit

Hut3 Security Assessment

Firewall Configuration Review

Firewalls are usually an organisation's first line of defence against attack. It is vital that they are configured correctly to provide security whilst allowing the required communication. Firewalls are complex to manage on a technical level and they need to match the organisations needs. Rules are temporarily added and forgotten, weak rules are added, systems are not updated. CNS will take a copy of the config from the firewall and evaluate both the configuration of the firewall itself (Is it up-to-date), is it securely managed and the firewall rules, are they sensible or too lax. A detailed report will be provided.

Data Centre Audit

The physical security of electronic data is a key component to the security of the information. Having state of the art firewalls is of no value if an attacker can simply take the server. Running secure data centres is expensive and complicated, so many organisations simply rent space within a secure server facility. However not all facilities offer the same level of protection, some are very informal and some extremely secure. Many Colocation services have obtained certifications for security, however without examination of the environment and the certification, it is not possible to comment on it or accept it as a true reflection. For example some Colocation facilities will have an inner sanctum which has a higher level of security and usually hold the certification, however if your servers are not in that bit of the site, it's not much use.

The CNS Colocation Audit Package is a short compressed audit designed to give the client an understanding of the level of security that the facility provides. It is not a pass or fail audit, simply an identification of good and bad practice, this will allow the client to make their own decision about requesting changes, moving the servers or leaving them where they are. 

Host Review

If the hosts (servers, desktops, laptops etc) are not built in a secure and sensible manner, securing your environment will be impossible.  Having an expensive and sophisticated perimeter firewall only offers some protection.  CNS will come in and review how your hosts are built.  This will include checking for unnecessary applications and services, checking how the system has been hardened, checking patching etc.  The output from this will be a formal and detailed report.  In addition specific scenario tests can be performed, for example if you are worried about a laptop being stolen, we can act as the thieves and see what we can retrieve.

CNS Hut3 Services
CESG CHECK Accreditation