We believe that the best IT is invisible. Our customers shouldn’t have to think about how their systems are working and why…but just know that they’re working. Your business deserves security, prompt action and the most trouble-free IT possible.
Vintage IT Services has the professional team, technology resources, knowledge and skills to introduce best practice methodology and ensure advanced function utilization and top notch security. Security plans for businesses start from an established, best-of-breed format and customized to address specific needs of your business. As part of the Vintage Security Network Audit, all systems including workstations, servers, firewall, routers, and more will be evaluated with cutting edge technology tools and a detailed network security checklist. All security threats and possible attacks will be indentified and documented to provide you with a list of expert technology recommendations moving forward.
These recommendations will provide you with a technology roadmap for bringing your business up to date with the highest security and make you aware of any issues which may be hindering the security of your business and its data, compliancy, regulations within your industry, and network configuration issues.
Vintage IT Services is the one-stop shop for Vulnerability Scans and Policy Development. Specific security issues include:
- Getting a questionnaire from a SOX compliant customer
- Answering a PCI or HIPAA self-assessment form
- Increased anxiety regarding regulatory compliance
- Internal employee security concerns
The Vintage IT Services Security Network Audit is an intensive diagnostic and planning service designed to check the critical components of your computer network for security, reliability, and performance. By evaluating your network and reviewing your future business goals and objectives, we can ensure that one of your most valuable business tools, your network and the information it holds, is performing at peak efficiency and safety. Our personalized and professional approach throughout the entire process reflects our commitment to building positive, long term relationships with our valued clients.
Vintage’s security experts will perform a complete inventory of all your hardware, devices, and major components within your network infrastructure and analyze them for best security practices. This security and technology audit will document all threats, and then alert you to any potential problems. We will then advise you on your options for remedying the situation.
At Vintage IT Services, we understand the need of your business to remain safe, secure, and compliant. We strive to provide you with the utmost security for your day to day operations, including your mobile workforce and your mission critical data. A detailed assessment and a thorough on-site survey of your systems, network infrastructure, operations, and business processes will be performed at the highest industry standard to ensure all security issues and threats are identified. After the security analysis is complete, Vintage will make technology recommendations so that the problems can be resolved immediately. The following aspects of your business will be evaluated:
- Physical Security
- Network Security
- Protocols / Services
- User Security
- Data Storage Security
- System Administration
Physical security is the MOST important part of maintaining the security of a computer system, and is often overlooked by careless system administrators who assume their occasional proximity to a system is enough protection. This may be sufficient for some systems, but in most cases, there are more factors to be considered before a system can be called physically safe and secure.
Network security is the SECOND MOST important part of maintaining a system security. While good physical security can go a long way, if you operate your system in a networked/multi-user environment, the system is many times more susceptible to outside attacks than a standalone system. Network security is also harder to evaluate because it requires a thorough understanding of the various components and layers of your system and all the external services that interact with your system.
Once you are past the physical and network layers of your system, the next category of evaluation is perhaps one of the largest; computers are made to compute, and depending the purpose of your system, it will be running many different kinds of software and programs at any point in time. It is likely in most cases that, because all of the software was written by different people with different understandings of security (and because there are always people who know more about security), at least one of those programs has some sort of security hole that could be exploited.
The particulars of user security varies widely with the nature of the system you’re running. In some cases, a system will be an isolated machine performing mostly server functions with very few users who actually log in to the system and use it directly, most of the users thusly being people interacting with the server functions. In other cases, a system might have hundreds of users directly accessing the system simultaneously. Obviously, the degree to which user security is a concern depends largely on the character of your users, but be aware that one user who attempts to breach security, or who has poor security practices, can affect and possibly endanger an entire system.
Data and file storage, at first, does not seem to present itself as a security risk; either people have access to files or they don’t! In reality, it turns out that there are many and complicated ways to access the same data on a given system, and a good system administrator should be aware of these schemes.
Passwords are the central components in most security schemes; user accounts, sensitive websites, system services are all protected by them. If you know the right passwords, you can gain administrative privileges on a system where you may not even be a user or infiltrate an environment you’ve never even worked with before. They are conventionally accepted as a good way to implement security because they can be incorporated easily into most operating systems and sensitive software, and yet can be made complex enough to be difficult to “crack”, while still being remembered by a user. Their downfall as a security scheme are in their power; one password is all you need to have complete access to an entire system, and passwords CAN be cracked. And what happens if your IT guy leaves and keeps the password?
Quality system administration techniques can make all the difference in security prevention. There’s quite a bit of configuration checks required for most modern systems. Vintage will perform several system checks and keep the system administrator automatically informed of any suspicious changes. Vintage will browse through your system, evaluate system directories and logs, run cracking tools, manually attempt to hack or break into your system through different means, become aware of persons who have intentions of hacking into your systems, and advise you of what techniques your users might expect to implement to maintain security.