Threat Assessment

OffSite Backup recognizes that different threats require a different appraoch to adequately protect from them. Identifying information threats is the first step in managing the risks to your organization and of deploying a comprehensive security policy.

---

Internet Security Assessment
Any device with access to the Internet is a potential open door to would-be hackers. OffSite Backup Security Consulting provides vulnerability assessments during which it closely maps the network architecture, examines all open ports, hosts and services with access to the Web, and ensures that these network devices are secure. Defensive thinking gathers information such as domain names, IP network ranges, operating system and applications, to identify systems on the network, how they are related, the services that are exposed through open ports (such as http, SMTP, terminal services, etc.). Once open ports and attached services are identified, we help determine whether each service has been updated with the most recent patches and identifies other vulnerabilities located within the exposed services.

Following all vulnerability assessments and penetration tests, OffSite Backup Security Consulting uses the information it gathers to prepare a thorough vulnerability analysis and offers recommendations for strengthening network security.

Intranet Security Assessment
While outside threats must be guarded against, business must also protect against potential threats from within their own networks. Using many of the same techniques and procedures for Internet Security Testing, OffSite Backup Security Consulting provides Intranet risk assessment and analysis to protect against the potential threat posed by insiders.

Web Application Assessment
This assessment examines what services are being offered on Web-based portals and e-commerce applications to examine potential vulnerabilities with respect to authentication, authorization, data integrity, data confidentiality, and consumer privacy concerns. We test these applications using either zero-knowledge testing or full-access testing to examine the full range of potential vulnerabilities. The OffSite Backup Security Consulting Team conducts source code audits to identify any potential vulnerability among the applications and scripts that are accessible through the Web.

Wireless Assessment
Wireless networks, while highly convenient, present additional security threats since the wireless signals are not limited by the physical boundaries of a traditional network. OffSite Backup Security Consulting evaluates how to prevent wireless communications from being exposed to eavesdropping and access by unauthorized intruders. Additionally, we examine the enterprise infrastructure for unencrypted or standard WEP enabled access points that may be vulnerable in order to ensure the security of the network.

Database Assessment
Client lists, credit card records, and other confidential information held in databases must be given particular protection from unauthorized disclosure. OffSite Backup Security Consulting tests database integrity to determine whether any vulnerability may compromise this sensitive information.

Social Engineering Assessments
Social engineering involves manipulating and/or deceiving company employees and other human resources to gain unauthorized access to a network or to confidential information. OffSite Backup Security Consulting is the premier consulting firm in its ability to identify weak links in the security chain through exploitation of human vulnerabilities.

Once individual or systemic weaknesses are identified, OffSite Backup Security Consulting recommends procedures designed to ensure that employees do not divulge information that could compromise company assets. The social engineering assessment not only uses tactics intended to gain confidential information, but also to induce unsuspecting employees to create vulnerabilities that can subsequently be exploited to gain access to confidential information.

Physical Security Assessment
Access to confidential information can often be obtained by simply gaining physical access to company premises. OffSite Backup Security Consulting conducts on-site surveillance to assess physical security and uses social engineering, pass key duplication, and other techniques designed to gain physical entry into secure areas and the network system.