Companies spend much time and expense protecting their staff and assets. Many have installed physical access control systems, technical security and stringent procedures to prevent intruders. However, these measures can be, and often are, defeated by skilled intruders determined to steal valuable assets and information. Control Risks can test these measures so businesses can identify and remedy any weaknesses.
Our intrusion testing consultants are experienced in defeating ineffective technical systems. Using social engineering techniques they can also usually bypass inattentive staff. They can conduct intrusion exercises without disrupting the business’s daily routine and very often without staff even knowing the test has occurred.
Our intrusion testing will be carried out without:
- Forced entry
- Physical force against staff or contractors
- Business disruption
- Public involvement
- Taking employment with the client
Before the test, the team will conduct research in order to obtain information that could aid a successful intrusion attempt. Once inside, the consultants will work to a pre-determined plan but will typically:
- Attempt to gain access to sensitive meeting rooms and offices
- Assess the security awareness of staff
- Assess the vulnerability of access to the IT network
- Assess patterns of movement in order to exploit poor procedures
- Demonstrate how security weaknesses could be exploited
After each test we produce a security report. It benchmarks the current standard of physical security, access control procedures and visitor handling procedures and identifies any potential areas of weakness. Our consultants recommend steps to improve security, and help raise staff awareness to support the implementation of a strong security culture.
For more information on our intrusion testing services please contact us.