Systems Penetration Testing (Including pre PCI DSS)

How effective are your current system security policies?

You've locked it down but has this been independently verified?

Are you aware of information leakage in your environment?

Are you aware of vulnerabilities and exploits in deployed hardware, software and servers?

If you are dealing with personal data are you aware of the legal requirements for doing so?

Is your data storage, archiving and backup strategy GDPR compliant?

If you are dealing with credit card data are you aware of the legal requirements for doing so?

The average SME business may host services delivering email, VOIP, MDM, CRM, ERP, Credit Card processing. These systems can be based on many software and hardware stacks. For example any network that deals with credit card data requires clear, established demarcation for data in transit as well as to and from bank processing systems. A compromised CDE (Card Data Environment) not only compromises your customer data but can result in rather hefty fines from the FSA. A wireless CDE requires even greater scrutiny as attack vectors include malicious parties within broadcasting range of CDE endpoints and any rogue wireless access points that feature in the vicinity of the wireless CDE. It is absolutely crucial that L2 and L3 network paths, traversed during credit card transaction processing are continually monitored for suspect activity and are sufficiently configured to ensure there is no inadvertent data leakage.

Crucially a business must be aware of the security posture of any service or software that they host and the only way to do this is with an penetration test.

This is just one of many examples that demonstrates how a system penetration test goes a long way in establishing how secure your environment is and helps to identify attack vectors before they can be exploited.

Our specialists have accrued extensive experience in this area after working with conference centres, theatres and other businesses in the entertainment industry to achieve PCI DSS compliance as well as exposing potential attack vectors.

We can also provide you with an extensive security report detailing your environment further aiding you in establishing secure systems practices.

Contact us now for a preliminary consultation.

Contact us