A team of Scottish Business Resilience Centre computer security experts is now busy checking out computers at a series of small businesses after the launch of the SBRC Small to Medium-sized Enterprise Cyber Security Assessment.
The assessments were offered by SBRC at substantially discounted rates and three interns working with the organisation are now carrying out the projects.
The team includes: Duncan, a third year ethical hacker specialising in password security, wifi security and distributed computing; Ross, a post-graduate ethical hacking student with a background in computer networks; and Shelley, a digital forensics intern skilled in detection analysis and preservation of digital evidence.
The assessment aims to analyse all security procedures and policies to ensure that employees, contractors and visitors adhere to specific guidance. It goes on to study: network security; the security within individual servers; and employee awareness of potential threats.
In detailed work the assessment covers issues including:
• WiFi – security, leakage
• Physical network and the vulnerability of the organisation’s infrastructure
• Access to the network and vetting
• User education
• Social engineering avoidance
• Disposal of sensitive material
• Non-disclosure
• Phishing resilience
• Data protection, including length of time data is held
• Remote access, including web
• Social networking
• BYOD (Bring your own device) policy
And many more issues.
After the work is carried out the enterprise is informed of any serious issues and given a list of recommended actions including suggestions for training.
More info – www.sbcc.org.uk
