Security
We all live in the information age. A Security Audit and Security Penetration Testing are the only true ways to confirm whether your information, and your organization, are at risk in this brave new world. Our CISSP (Certified Information Systems Security Professional) security consultants provide two main types of services:
Security Audit
The main purpose of a security audit is to discover weak points in the architecture of your IT infrastructure. Such weaknesses quite often remain undiscovered after a penetration test, because the main purpose of a penetration test is to bypass existing security mechanisms, not to check the entire architecture. Good examples of problematic areas include local antivirus policies, user privilege separation, backup storage and information encryption.
Our security audit includes assessments of:
- Network Architecture and Configuration;
- Hardware Firewalls and Routers Configuration;
- User Authentication and Access Management;
- Updates and Patches Management;
- System Configuration;
- System Services and Applications Configuration;
- Antivirus Software Management;
- Confidential Data Handling and Encryption;
- Backup System Management;
- Local Security Policy Review;
- Presence and Qualification of Internal Incident Response Team;
- Physical Security.
Our comprehensive security audit will discover vulnerabilities and weaknesses in your infrastructure. Our documented results will identify the IT threats and risks, including business processes, so that they can be reduced and eliminated.
Penetration Testing
A security penetration test is a simulation of a hacker attack on a network, system, application or website, used to discover existing vulnerabilities and weaknesses before hackers find and exploit them. In other words, a penetration test is an independent security evaluation of your IT infrastructure. This is sometimes called "ethical hacking".
Mighty Oaks' CISSP security experts use penetration testing methodologies and standards. Each vulnerability discovered during our penetration testing will be assessed and prioritized, and will come with an appropriate recommendation on how to eliminate it.
Upon completion of our penetration testing, the client will be provided with two levels of report: a summary report suitable for management that describes the work done and the recommendations at a high level, and a detailed report that covers the work performed, the details of the identified vulnerabilities, and the proposed recommendations to improve security.
Summary
Security testing and ethical hacking allow each of our clients to positively answer the following questions:
- Is my network protected?
- Is my security protection as good as the vendor claimed?
- How can I protect my business from the most prevalent and critical threats and risks?
- Who do I call if I have been hacked?
- What are my risks in terms of financial loss, reputation damage, disappointed customers, and legal implications if my business, and my information, were “hacked”?
Just like other areas in business life, if you don't assess and test your security solutions under real-life hacker-attack conditions, you cannot be completely sure of their effectiveness. We do this for a living, both for ourselves and for our clients, and have the certifications to prove it. Don't wait to call us after you have been hacked. Call us to prevent your organization from being hacked.
To enlist one of our qualified, seasoned security professionals, based locally in Victoria on Vancouver Island, or simply to discuss your general security needs, give us a call.





