GTconsult's A-Team Protection

A computer security audit is a manual or systematic measurable technical assessment of a system or application. Manual assessments include interviewing staff, performing security vulnerability scans, reviewing application and operating system access controls, and analyzing physical access to the systems.


So what can you do when you have been compromised?

The GTconsult A-Team have the solutions for you

Our Solutions

Assessments

Office365 Security Assessment


Office 365 Security Assessment


The world has hailed Office 365 as one of the most secure cloud platforms, and Microsoft have done a phenomenal job of ensuring this.

However, a misconfigured tenant can lead to several issues that can cause any IT manager nightmares. The Office 365 Security Assessment by the A Team ensures that all security best practises are put in place and the users are made aware and the proper policies are enforced to keep them and your data secure.

Some of the services we offer in this area includes:

Security best practices for Office 365:


• Multi-factor authentication (MFA);
• Office 365 Cloud App Security;
• Secure mail flow;
• Mailbox audit logging;
• Data Loss Prevention (DLP);
• Customer Lockbox;
• Office 365 Secure Score;
• Audit Log Search;
• Anti-spoofing; and
• Anti-spam & anti-malware.

Hardening and Securing

• Setup and Configure Advanced Security Management;
• Set up alerts;
• Setup and configure Audit Log;
• Set up encryption in Office 365 Enterprise;
• Create and deploy device security policies; and
• Configure SharePoint device access policies.

SharePoint On Premise Vulnerability Assessment


SharePoint On Premise Vulnerability Assessment


SharePoint is used by over 200 million people world wide and over 80% of the Fortune 500 companies. This number is growing daily as the platform provides a way for people to collaborate in a secure and easy way.

A misconfigured SharePoint environment can however lead to massive data breaches and compromise a company’s image and financial status dramatically.

The GTconsult A Team SharePoint On Premise Vulnerability Assessment was designed and custom tailored to ensure your companies SharePoint platform stays secure and protects your companies brand and your employees’ data at all times. The Farm audit and vulnerability assessment will highlight all issues and the security and hardening report will give step by step resolution and mitigation advice.

Some of the services we offer in this area includes:

Full SharePoint Farm Audit

• Farm information: farm, site, search topology, servers list and services on server;
• Application management: web applications, site collections, service applications details;
• Information about IIS application pools, site settings, SQL Server configuration and database permissions;
• Farm administrators and other security information; and
• People picker settings, web.config files, workflows, list of features, solutions with their statuses, and other info from the Site Explorer.

Information Disclosure Scan

• Scan for known and open default SharePoint URL’s and webservices;
• Document SharePoint Permissions; and
• Search for personally identifiable and confidential information.

SharePoint Vulnerability Scan

• Misconfiguration;
• Default Settings;
• Cross Site Scripting (XSS); • SQL Injection;
• File Inclusion;
• Backup files check;
• Simple AJAX check;
• JavaScript source code analyser;
• Known Vulnerabilities; and
• Backup file check.

Hardening and Securing

• SharePoint Farm Security Best Practise;
• Information disclosure configuration; and
• Vulnerability avoidance configuration.

External Vulnerability Assessment


External Security and Vulnerability Assessment



The internet is not exactly a safe place. Further, there is a constant and ever-present danger looming.



Allowing external access to your network is essential to your business. However, the fear of what may occur may be causing you sleepless nights. Hackers are on the rise, data breaches and ransomware attacks hit all time highs in 2017.



It has never been more important to protect your network from external threats. The GTconsult A Teams External Security and Vulnerability Assessment will use known hacking techniques to discover your external networks vulnerabilities and public information and provide you with a full audit and step by step guide to resolve issues and mitigate risks.


Some of the services we offer in this area includes:


Network Discovery


• External Facing device scan;
• Subdomain Finder;
• IP Network Scan and Discovery; and
• DNS Entries.

Employee Discovery
• Personal Info – Name, title, email, username, employee number, password
• Social Info.

Company Information Discovery


• Breached Database list;
• Rouge/Shadow IT deployments.



Vulnerability Assessment


• External facing website;
• External facing servers;
• Email address gathering;
• Username Disclosure;
• Router information;
• Public information; and
• Unsecure traffic.

Hardening and Securing


• Full audit result with suggestions and fixes;
• Password Policy.

Internal Vulnerability Assessment


Internal Security and Vulnerability Assessment



Most companies suffer from a condition called eggshell security where they believe because they have setup a firewall and proxy server their internal staff and data are protected from the outside world.



This is most certainly not the case, internal threats are abundant and it is more important than ever with the rise of wireless hacking, USB credential theft and packet sniffers.



The GTconsult A Team’s Internal Security and Vulnerability Assessment identifies threats, assess them and provides a full audit with step by step countermeasures and prevention tactics.



Some of the services we offer in this area includes:



Network Discovery


• Network Scan and Discovery;
• Port Scan Computers, Servers, routers and all other devices;
• Physical Device Discovery; and
• Wireless Network Discovery.


Employee Discovery


• Personal Info – Name, title, email, username, employee number, password.



Company Information Discovery


• Breached Database list; and
• Rouge/Shadow IT Assessment.



Vulnerability Assessment


• Ransomware Assessment;
• Internal servers;
• Internal webservers;
• Email address gathering;
• Username Disclosure;
• Router information;
• Public information;
• Unsecure traffic capture;
• Computer access;
• External Internet Assessment;
• Wireless Network Capture; and
• Password Assessment.

Security Governance Workshop


Security Governance Workshop


Best Practises


• Password Policies;
• BYOD;
• Network;
• PC’s;
• Laptop’s;
• Printers;
• Wireless Network;
• Patch Management;
• OS Hardening;
• Email;
• Web Browsing;
• Anti-Virus Software;
• Travel;
• Server Room;
• Network Points;
• Computers;
• Employees;
• Guests;
• Contractors;
• 3rd Party Solutions and Services; and
• Cloud Environments.

Intrusions


While traditional methods simply highlight possible scenarios, an intrusion test will attempt to gain unauthorized access via social engineering, phishing, clickjacking, exploitation, on-site audit, WIFI hijacking, cell phone info leak and other methods.

A highly skilled senior A Team consultant will perform the intrusion both on and off site with specialised equipment.

These intrusions are designed for companies who place great value on their company’s data and confidential information. An intrusion is a sure-fire way of uncovering most vulnerabilities, weak links and security issues over and above the standard assessments.

Intrusions are an optional extra and can be bundled with any Security and Vulnerability Assessment.

A Team Protection


Get the complete package of protection and mitigate your company’s security risk with the cover of A Team Protection. This package includes everything in the A Team’s security assessment and vulnerability range as well as an intrusion assessment on an annual basis. This offer is designed for any company who wants to completely outsource their security risk or boost their internal IT risk team at an affordable cost.

Annual Service Plan to secure and identify security and vulnerability threats includes:

• An Office 365 Security Assessment;
• SharePoint On Premise Vulnerability Assessment;
• A monthly Internal and External Security and Vulnerability audit and report;
• Everything included in External Security and Vulnerability Assessment;
• Everything Included in Internal Security and Vulnerability Assessment; and
• One annual Intrusion and report.

Get all the information about our A-Team Security Assessments here!

Contact GTConsult's A-Team
to assist in securing your business today!