SynerComm AssureIT

Information Assurance

SynerComm’s Audit, Assessment and Penetration Testing services are designed to provide visibility into the current security posture of information environments. SynerComm identifies how threats and vulnerabilities create risks to crucial business processes. SynerComm’s services evaluate the physical, technical and operational controls used to mitigate risk to information assets.

AssureIT Audits

SynerComm AssureIT Audits compare actual running configurations against corporate standards and/or industry best practices. Regular audits are required to ensure that systems are compliant with policies, standards, baselines and regulatory requirements. Upon completion of an audit, SynerComm provides clients with a formal audit report. The report includes an executive summary, detailed findings, mitigation solutions, and a thorough gap analysis.

Audit Categories

• Operating System Configuration and Hardening
• Router, Switch & Wireless Configuration
• Firewall & IPS Policy and Configuration
• Database & Application
• Information Security Policies & Procedures

Industry Best Practices & Standards

• ISO/IEC 27002 (formerly ISO 17799/BS 7799)
• Center for Internet Security (CIS)
• National Institute of Standards & Technology (NIST)

AssureIT Assessments

SynerComm AssureIT Assessments provide an external third-party validation of information assurance programs. Information assurance is a life-cycle process used by organizations to continually evaluate and reduce risk. Strong information assurance programs include operational, technical and physical controls to mitigate risk.

SynerComm AssureIT Methodology

• Security Interviews
• Review Documentation (Risk Assessment, Policies, Standards, Disaster and Business Recovery Plans, etc.)
• Data Collection and Analysis
• Vulnerability and Risk Reporting
• Assessment Review and Presentation

Full or Limited Scope Assessments

• Complete Information Assurance Program Review
• Perimeter Exposure
• Web Applications
• WAN Security, Remote Access & Business Partner Connections
• WAN & LAN Performance & Protocol Analysis
• Data Leakage (Email & Web)
• Database Security
• Internet Usage

SynerComm AssureIT assessments are an excellent way to prepare for regulatory audits from PCI, HIPAA and the FDIC. SynerComm specializes in providing information assurance services for financial institutions examined using FFIEC standards.

AssureIT Penetration Tests

SynerComm AssureIT Penetration Tests attempt to exploit known and unknown vulnerabilities in information systems and end-users. SynerComm’s “white hat” consultants use both commercial tools and custom developed scripts and exploits to gain access into client systems.

SynerComm AssureIT Penetration Tests

• Perimeter Services (HTTP, SSL, FTP, DNS, Telnet, SSH)
• Client-Side (Social Engineering, Email, Application, etc.)
• Foreign Device (USB, CD-ROM, Router, Wireless, etc.)
• Onsite Physical Intrusion Attempts

Why Penetration Test

• Simulate Real Attacks in a Safe and Controlled Manner.
• Validate the Effectiveness of Security Controls (Intrusion Detection, Security Awareness & Managed Services)
• Determine Whether Vulnerabilities Can Be Exploited

Ask us about using SynerComm AssureIT Penetration Test tools in your next IPS or UTM bakeoff.