Systems Hardening Audit
EASI's Systems Hardening Audit focuses on the IT technical aspects of the protection of data within your IT infrastructure.
The first phase is all about gathering information. EASI’s Security Engineer will focus on your critical applications and systems and collect all necessary information to perform the audit. This information will be gathered through interviews, data extracts, and supporting documentation. The focus of this audit will be on GDPR and the protection of data.
Every Systems Hardening Audit we perform is different: we adjust the audit to fit the exact needs of each and every customer.
Checks will be performed at different levels:
- Network: WAN connectivity, Switch, Router, Wireless Access Point, DNS;
- Cybersecurity: Firewall, VPN, Anti-virus, Anti-spam;
- Web: Apache/IIS Configuration, Website SSL Rating, Proxy, Reverse Proxy;
- Endpoints: Laptop/Desktop, Smartphone;
- Data: Authentication, Authorization & Accounting;
- Storage: Analysis on data storage;
- Servers: Backup, Management, Encryption, Windows, Linux, MacOS;
- Databases: Microsoft SQL, Oracle, MySQL;
- Mail: IBM Domino, Microsoft Exchange, Office 365, Google Mail;
- Network Vulnerability Scan.
The second phase consists of the analysis and interpretation of the collected information. This will give you a complete view of your IT infrastructure's security across the different layers described above.
In the third phase, we will provide a complete and detailed presentation of the report. This report contains the findings for each of the audited elements, as well as recommendations to remediate the findings. These recommendations are presented in an action plan, consisting of:
- Quick-wins – increasing the level of security in a short time period; and
- Roadmap – containing structural recommendations for those remediation actions that require more time.