What is a Site Security Audit?
We examine your Web site to find out how vulnerable your data and
machinery is to malicious attack, and determine the vulnerability of any
information or access channels that should be private.
Every site on the Internet carries with it the potential for malicious
people to take advantage of its server, its applications and its data.
Every site on the Web carries with it a security risk, no matter what.
At the same time, you cannot be
expected to know all the possible security holes, the latest attack
methods, and the approaches to keeping a site as secure as possible.
That's why you hire Advanced Information Technologies Inc..
Acceptable Risk
Not everyone needs to have the most
secure Web site possible. If your site is so secure that it cannot be used
efficiently by legitimate users, you've probably gone too far.
On the other hand, if you're accepting credit card numbers without
encrypting them, you're running the serious risk of getting sued and
losing everything you own.
What's included in our Security Audit
1. Server and Host Security
Analyze and review your site hosting and transaction processing
server(s), network configuration and data storage and backup plan.
2. Application Security
Analyze and review your software code for known security hazards,
advise on the security hazards of any third party software you may be
using.
3. Data Security
Analyze and review storage of data on disk, data backup and recovery
plan, and the protection of sensitive information during storage and
transfer.
4. Potential Weaknesses and Vulnerabilities
Evaluate your site to identify and test possible exploits and
weaknesses which may expose data, allow fraud or misuse, deny service, or
cause public-relations disasters.
We present a detailed report of our
findings, including recommendations for fixing any problems we encounter.
You can use this information to identify potential problems, and to help
you determine your own acceptable level of risk.
