IT SECURITY AUDIT
Online attacks on school IT systems are becoming increasingly likely and increasingly sophisticated. Our Security Audit is a comprehensive technical review with written report and recommended actions to reduce the risk for your school.
A regular IT Security Audit is essential for all schools to help mitigate against cyber attacks and other types of data breaches. According to recent findings 76% of secondary schools have reported a data breach or a cyber attack in the last 12 months and over 90% of governors and senior management say cyber security is a high priority for them*.
We contract expert ICT Security penetration testers Caretower to undertake penetration testing at schools. Caretower agrees a test scope ahead of testing and carries out all testing in accordance with the agreed scope. All testing is carried out in accordance with Government standards and is repeated on an annual basis and/or after significant architectural changes to the system.
Examples of the scope of testing include:
Web application security penetration testing to cover:
- User and administrator user interface portals
- Testing of authentication service and other system API interfaces
Infrastructure security penetration testing to cover:
- Internal network vulnerability testing covering internal and Internet facing devices, and enumeration and testing of active services
- Firewall build review
- Server build review
- Database settings review
- Network segregation testing
A full report for the school is then produced in accordance with the standard Caretower security testing report format.
Are you confident that your IT systems are as secure as they should be?
Get peace of mind with a CSE Security Audit