Vulnerability Assessment is a process of assessing an organization's security posture based on a very broad sampling of the organization's systems, processes, and personnel. By its very nature, it's a natural starting point for any organization that has not previously brought in outside security help, or has only worked with compliance-focused scanning services. It also represents the lowest barrier to entry with minimal cost, minimal risk, and maximum value.
SheeldIT's Vulnerability Assessment services look at the three major pillars of information security: electronic security, physical security, and human security. Data from these three broad areas is collected, then analyzed together to formulate an accurate list of vulnerabilities that pose the greatest risk to the organization. From there, the list is sorted with the highest-impact/lowest-cost-to-fix items down to more strategic items that will need to be implemented over the long term.
Electronic, or Cyber Security, includes all electronic systems, and their supporting systems. In a typical organization, this will involve clients (workstations and mobile devices), servers, infrastructure (switches, routers, firewalls, wireless, VoIP), and auxillary devices (printers, scanners). Each of these categories brings its own set of risks and requirements, as well as its own set of possibilities for attacks and defenses. These systems also have an extensive set of supporting subsystems, such as data backup and disaster recovery, design redundancy and service level requirements, and more.
All organizations and information exists in the physical world. It's no coincidence that this is also often the lowest common denominator for security. Computers can be stolen, buildings can be intruded. Having the correct levels of control over and visibility in to the physical nature of your information is critical to its security. SheeldIT's team of experts is also well-versed in the complexities of securing your organization, both in the confines of an office building, and out the most hostile public areas.
Organizations are nothing without the people who make it work. These same people also act as the first and last line of defense against data loss. Frequently, personnel can be work actively against the security of an organization, which is what's known as an insider threat. SheeldIT's personnel assessment techniques are unparalleled in the industry and can go as far as detecting insider threats before they cause issues. Further, SheeldIT can help design systems wherein insider threats have a very low probability of occuring, and will have minimal impact if they do.