rue security is never simply a given in any company. Faced with the increasingly professional nature of would-be criminals, particularly in the field of industrial espionage, it is important to have a strategic approach that takes the existence of vulnerabilities in any current security measures into account.
Zero tolerance for vulnerabilities
No system and no single measure can provide 100% protection. Rather, all the building blocks of a company’s security architecture must be linked to one another in a way that particular shortcomings will be compensated at other points. Only by using IT security and traditional security disciplines in tandem can the protection of expertise be guaranteed.
A Corporate Trust Espionage Penetration Test checks your security architecture in terms of this exact interplay. A mixed team of IT security experts, wiretap specialists, building and plant security professionals, and investigators and psychologists familiar with the mechanisms of social engineering will test how open your company really is to attack. It is precisely the division of organizational responsibilities within companies that often makes it easy for perpetrators to achieve their aims. Going beyond simple certifications and rigid concepts, an Espionage Penetration Test will highlight any weak spots in your company’s security and provide suggestions for solutions based on practical experience.
The unique combination of experts from a wide range of different security disciplines enables us to simulate advanced persistent threats (APT) during the Espionage Penetration Test, which have increasingly come to public attention recently in relation to the security and arms industries. As well as covering all the aspects addressed by a straightforward IT penetration test, an Espionage Penetration Test also answers the following questions:
- How well secured are the company premises overnight and at weekends?
- Can a password reset be requested from the internal IT helpdesk by simulating an internal phone number as part of a DECT wireless telephone attack?
- How can an external individual get inside the company?
- How easy is it to incorporate third-party hardware into the company network?
- How easy is it to forge employee IDs or copy access data?
- How many network access points are not protected by physical security measures (network outlets outside the fence or in external offices)?
- How difficult is it to obtain in-house information in the staff canteen?
- Can the firewall be bypassed wirelessly?
- Which employees are giving away internal information on forums and social networking sites, and to what extent?
- How easy is it to elicit confidential information from staff by means of social engineering techniques?
The “Espionage Penetration Test” service package can be adjusted to your individual needs on a site-specific basis. We would be pleased to send you detailed documentation listing the various options on offer. And of course, we are always available if you would like to get in touch to discuss any such issues.