Security Audit

The security audit usually concerns the following areas of your IT infrastructure:

Depending on the motivation for the security audit we take the following measures:

Getting the computer malware-free:
- The performance of the computer is very bad: slow, sudden crashes, frequently freezen software, unexpected reactions, heavy network activity, many error messages, harddisk almost full... If it is not a virus or a bad program, it might be a broken hardware component. In any case: We must check the computer.
- Before we install a new backup system or we upgrade the computer we also should start a security audit. It should not happen that we backup virus or migrate them to a new, fresh system.
Checking the vulnerability of the computer or network:
- Firewall, router and wireless lan settings.
- Antivirus software configuration.
- Investigation for dangerous software (e.g. instant messengers, botnets).

Hardening the computer against un-authorized access:
- Installing security software (e.g. encryption software, monitoring software, password managers).
- Enabling security settings (e.g. secure connections to mail servers, online repositories, groupware systems...)
- Identifying and removing or replacing risky software.
- Setting up a security policy (how to store documents, how to handle passwords...)

Security measures in general

These security measures (services and products) are always appreciated:

Backup system prevents data loss.
Antivirus software protects against malware (virus, trojans, worms).
A firewall, access control and a proper network and computer configuration protects against un-authorized access.
VPN or connection encryption helps against data eavesdropping.
Local encryption (e.g. by Truecrypt) guarantees a secure storage of your documents and data.
Replacing or removing dangerous software (cleaning the computer) makes it more stable, faster and secure.

If IT security is a major concern in your company, we recommend to switch to Linux!