Footprint Africa Business Solutions (FABS), in partnership with Protiviti, offers a wide range of security assessments and consultancy services, ranging from basic health checks to complex enterprise assessment and consultancy services.
Information Security Assessment
Understanding an organisation's security state and identifying its vulnerabilities are the first steps toward protecting the confidentiality, integrity, and availability of critical data. To establish an effective security strategy, it is highly recommended to start with an accurate evaluation of the current information security posture. Our information security assessment can help organisations evaluate their current information security posture; protect the confidentiality, integrity, and availability of critical data; and enhance efforts to comply with government and industry regulations.
As more people have access to the company’s data, more opportunities exist for security breaches that can lead to costly fines and embarrassing public scrutiny. Our Penetration Testing Services can help determine the holes or vulnerabilities in an organisation’s networks while demonstrating how attackers can negatively impact business. Our Penetration Testing Services perform safe and controlled exercises that demonstrate covert and hostile attack techniques designed to identify vulnerable systems.
Application Security Assessment
Application security is frequently overlooked during security planning. Developers are under pressure to bring custom applications online quickly and security can suffer in the process. Our Application Security Assessment can help balance time-to-market demands with security best practices. The application security assessment performs attack simulations and a comprehensive vulnerability assessment of the application and the network infrastructure directly supporting it.
Platform Security Assessment
Our Platform Security Assessment includes a systematic review from an architecture and component configuration perspective. It includes a review of the configuration files for the operating system and any installed middleware components, as well as a review of the management controls which include the security policies, organisation, asset classifications, physical access network, remote access, business continuity, and systems maintenance.
Wireless Security Assessment
Our Wireless Security Assessment provides a comprehensive review of the wireless network architecture. During this assessment, the security consultant will perform a wireless discovery internally and externally to determine the presence of rogue or incorrectly configured networking devices broadcasting connectivity. It also includes a review of management controls and processes implemented to ensure effective protection are in place.
Intranet (Internal Network) Security Assessment
Our Intranet Security Assessment includes a comprehensive review of the internal networking architecture and component configuration analysis to determine the presence of harmful security exposures that may lead to an internal security breach. An internal network map is also created to understand all the components connected and a configuration analysis is performed of each distinct attached component.
Internet (External Network) Security Assessment
Our Internet Security Assessment service is designed to provide a comprehensive review of the Internet environment across the technology architecture and management processes. The technology architecture review includes design and configuration analysis as well as vulnerability and intrusion testing to limit the exposure to hackers trying to breach information or cause undue harm to the business.
Security Assessment Processes and Deliverables
During the assessment, security consultants use interviews, questionnaires, physical tours, and technical tools to develop a review. Consultants are deployed with a Senior Partner to complete an engagement both onsite and offsite (depending on complexity). The deliverables generally include an executive summary, a detailed report with the findings and high-level recommendations, and a final presentation.