ringham Security Associates can take an active role in identifying and managing your company’s technology risk.
Information Security is a vast field. There are many technical activities that help shape the security posture of your company both before and after a suspected incident.
Network Audit - A certified IT Security professional will use specialized hardware and software to:
- Internal Wi-Fi audit
- Evaluate the Wi-Fi airwaves from inside the building to look for connected devices
- Generate a report of every device on your wireless network so you can confirm it matches your expectations
- Look for hidden networks that may be trying to trap users by snagging poorly configured smartphones
- Look for “Internet of Things” or other “smart” devices presenting their own networks that can create back doors into your company
- External Wi-Fi audit
- Evaluate the Wi-Fi network from outside the premises to understand how far your signal is traveling
- Look for “evil twin” networks
- Audit your wired network
- Scan your physical network to identify all connected devices and what services they might be sharing
Implement controls to manage risks
- Deploy security software and agents
- Anti-virus, Anti-malware endpoint protection
- Network monitoring
- Vulnerability Management scanners and agents
- Configure multi-factor authentication
- Authenticator apps
- Biometrics
- Security keys
- Modify configurations of networks and operating systems
- Remove or disable unused software, services and accounts
- Configure firewalls and logging
- Configure timeouts and other security features
Investigate suspected security incidents
- Review logs for unusual activity
- Firewall logs
- Operating system logs
- Physical security logs
- Inspect devices to find evidence of intrusion
- Look for hidden files and applications
- Discover modified configurations
- Work with third parties to take remedial actions
- Issue “Take-Down” notices for scam sites
- Work with engineers from security vendors to upgrade software
