How to Contact Us

callback Request Callback
enquiry form Enquiry Form
email info@help4it.co.uk
telephone 0800 043 4448
fax 0845 257 4449
address London HQ
61 Queen Street
London EC4R 1AF

Excellent Partners

  • An Image Slideshow
  • An Image Slideshow
  • An Image Slideshow
  • An Image Slideshow
  • An Image Slideshow
  • An Image Slideshow
Preparation against Hackers and Insider Threats
Most of our customers will find the security checks in our network health check sufficient, however the larger organisation or those customers at risk from specific targeted threats should consider a specialist security audit.

All our consultants are CISSP, CLAS, Cisco or Checkpoint accredited and have at least 5 years, hands on experience in security consulting. We only use proven processes and disciplines to ensure rigorous, repeatable results.... Our security audits can comprise some or all of the following:

Network Discovery

Using a combination of tools and experience, we discover the network structure and map your network. We disclose the network perimeter, highlighting third-party connections. Our discovery service includes a review of router and switch configuration, passwords and SNMP community strings. We investigate third-party connections, dial-in and dial-out facilities, firewalls and edge routers, and set the stage for subsequent penetration tests and vulnerability scans.

Network Penetration Testing

We penetration test your network by connecting on site and attempting to gain access to local and third-party resources. Initially we work without a legitimate logon, then as a standard (non-privileged) user and finally as a privileged user. In all cases we attempt to exploit the information gained in the network discovery phase. We target customer data, personnel, financial and payroll information. We also attempt access to other networks by "piggy-backing" from your corporate network. During this exercise, we also review your standard workstation configuration (operating system, Internet browser, e-mail, etc.) for important vulnerabilities.

Vulnerability Testing

Using professional analysis tools and staff interviews we analyse your corporate network security profile. We produce a detailed report of weaknesses and an action plan to remedy them. We find redundant accounts, well known admin accounts, easy-to-guess passwords, excessive file permissions and much more. We review the security configuration of a number of sample servers, including account policies, rights and permissions, audit logs, administrative accounts, service accounts, patch levels and published vulnerabilities. We also penetration test a sample of servers, recommending modifications and improvements as necessary.

DMZ Server Security Audit

This service provides a thorough on-site security audit of your DMZ servers. In addition to platform security configuration analysis and internal penetration testing, we can also conduct interviews and physical inspections. We review the security configuration of your servers, including file systems, directory design, rights and permissions, change control, and audit logs. We recommend modifications and improvements as necessary. We also penetration test your servers and firewall from the DMZ and internal network perspectives.

Social Engineering and Physical Security

Our social engineering and physical security review uses a variety of techniques, including site visits, telephone calls and e-mail. We establish the opportunity for social engineering and subsequent unauthorised access at your premises and via electronic means. We can also attempt to gain unauthorised access to your systems following a successful breach of physical or logical security. We will highlight any general security concerns during the review and recommend improvements where possible.