Best practices in security management recommend the periodical revision of systems and, in particular, the carrying out of specialised audits that can evaluate the real risk of experiencing security incidents that can negatively affect the organisation in question.
As a general rule, auditors aim to review and reduce risks by analysing:
- Improvements in security to be applied to system architecture.
- Vulnerabilities in information systems.
- Non-authorised access to confidential information.
- The possible non-authorised modification of confidential information.
Auditing services are usually carried out remotely, based mainly on:
- Analysing the information that is visible on the internet relating to both system information and the type of information that may attract the attention of a possible attacker.
- Analysing the system vulnerabilities detected taking into account the penetration and intrusion techniques used in attacks on information systems.
- Carrying out real evaluation tests on information systems from the internet.
From the security perspective, mail is considered to be one of the first vectors to be targeted by hackers when attempting to create security incidents. Due to the nature of its accessibility by all types of users, it is the ideal channel through which to propagate harmful software – known as malware – through the internet.
That means that it is of utmost important to ensure its security and especially to undergo audits that analyse this function in depth, checking for configuration errors and vulnerabilities at different levels.
Security audits performed by Ackcent include security tests at different levels:
- At the level of architecture, we check that mail transport and delivery systems are located in the correct area of the network.
- The hardening of mail servers and applications in line with corporate policies.
- We review the security of the administration of the service.
- Mail security tests.
- Security tests at the user level.
The security audits carried out by Ackcent are based on our experience in the design, management and continuous operation of critical systems and applications on Cloud platforms.
Our designs and architectures are based on market leading security products and the best practices currently available.
The use of cloud technologies offers advantages in scalability and flexibility that make the implementation of applications easier, including for their developers. However, due to their characteristics, they complicate the model of governance and the implementation of the security mechanisms typically found in on-premise infrastructures.
For that reason, Ackcent works to make your architecture secure from the earliest phases of its design, while offering continuous service analyses to make sure that you have all of the known security controls for your cloud environment.
The assessments carried out by Ackcent include different types of analysis:
- The analysis and design of the architecture from the security perspective.
- The analysis of authentication and authorization controls of cloud-based resources.
- The inventory and control of implemented resources.
- A security assessment of the control mechanisms and configurations used.