We have partnered with highly accredited organisation called Encription to provide our clients withe the best in penetration testing and etheical hacking services.
Consultants are all qualified, and have extensive experience in IT security, forensic investigation and ethical hacking. They work to ISO27001 and OSSTMM security standards and are ISO 9001:2000 certified. Encription was of the first organisations to pass the TIGER Scheme senior tester examination.
WELCOME: To encription's éth'ical háck'ing services
ethical = morally correct
hacking = penetration, and exploitation of a computer system's security.
What can a malicious hacker do?
Compromise a system, steal everything of value, and completely erase their tracks within minutes. Watch Peter Gould's BBC report on Cybercrime here
What is an ethical hacker?
encription's ethical hackers are qualified and trusted IT security specialists authorised by you to attempt penetration of your computer system's, information and application's security using the same methods and tools (and a few more besides) as a malicious hacker.
What do you get?
encription produces a report that is easy to read, contains an executive summary, technical management overview and full technical details of any problems, the risks and how to fix them, if appropriate, and encription can work with the organisation to fix it!.
Why use encription limited?
Firstly because you will almost certainly have security vulnerabilities especially in your web site and among staff. Secondly knowing a security problem exists means that something can be done about it, greatly reducing your exposure to risk and a costly recovery exercise (if recovery is possible). Thirdly you are required by legislation ( Data Protection Act, Financial Reporting Standards, Payment Card Industry Data Security Standards) to "take appropriate technical and organisational precautions to protect data from loss or fraud". Finally encription has a proven track record
Remember
The cost of an IT security breach will almost always be many times more than the cost of its prevention.
What Serices are there?
With your written permission we:
Test Your Web Application
Several independent surveys have shown that in excess of 90% of web sites (the highest profile part of your IT systems) are insecure.
encription will carry out a full penetration test on your web site at any time, but preferably before it "goes live". We will then test it on a DAILY basis and display an "encription verified for security" logo on your site, so that the visitors to your web site will have confidence that it is secure.
This will mean that:
You will know very quickly if there has been an attempted attack.
More visitors will be driven to your site (surveys suggest up to 25% more).
Visitors will stay longer.
Test Your Network
A malicious hacker can stop your IT systems working, take control of them, and steal, change or destroy your data in minutes. In fact you may have already been hacked and don't know it.
The encription penetration testing service identifies potential "open doors". One of our qualified ethical hackers will then attempt to exploit those "open doors" to see what control can be gained.
We will then tell you in detail how to fix it, or we will work with you to fix it, the choice is yours!
Test Your Staff (Social Engineering)
Staff are the weakest link in any security chain. They can, and do, give away confidential information unwittingly; or in many cases for personal gain. This is known as social engineering.
encription will carry out a simulated social engineering test to see how much confidential information can be gained verbally or via other means of communication. We have a 100% record in obtaining confidential information.
encription will then train your staff in security awareness.
This will mean that:
Your organisation's risk is greatly reduced.
Your employees will feel valued.
You employees will be able to use the lessons learnt in their home use of IT.
Assist With Security Compliance Conformance And Auditing
Good governance now dictates that procedures to deal information security and acceptable use are essential.
Imagine if an employee were dismissed for downloading unacceptable material, and that employee had not seen or accepted an acceptable use policy. It is unlikely that your case would stand up at an industrial tribunal.
encription can assist in security policy design, implementation, enforcement and audit.
This will mean that:
Your day to day security risk is greatly reduced.
Good governance conformance will be far easier to achieve and prove.
You can prove to the organisations in your "partner chain" that your IT security is sound (but is theirs?).
You can spend more time on your business and less on dealing with difficult situations, which could have been avoided with appropriate procedures.
All of this is carried out ethically, discreetly and confidentially