CREST approved IT Health Check for:
- Public Service Networks
- Private Sector
- Due Diligence
- Annual Assurance
PSN and Private Sector IT Health Checks
Organisations connected to the Public Sector Networks require regular assessment of technical information security controls in place and guidance as to how these controls can be improved to reduce technical risk.
Hedgehog Security provides PSN connected public sector organisations with a simple, straightforward fixed price PSN Health Check service that covers both external and internal PSN Health Check requirements in one simple solution. We will work with you to produce a testing scope in accordance with PSN Health Check requirements, provide a thorough assessment of systems and resources within the testing scope, and provide detailed but easily digestible reports containing recommended corrective actions considering the time and resources at your disposal.
This stage involves both automated and manual assessment of the internal network, in order to ascertain that technical controls in place are adequate to protect IT data and systems from internal threats. In addition, a typical IT Health Check will include:
- Testing of WiFi security to ensure both staff and guest access is adequately secured.
- Desktop and Server build reviews to ensure that system configurations are adequately hardened before deployment and that best practice is being adopted in regard to authentication and patch management.
- A technical review of security gateways (firewalls, VPNs, etc) to ensure that rule-sets and system configurations are suitably secured.
- A build review of remote access solutions, including use of encryption to protect data in transit and at rest.
- A review of BYOD (Bring Your Own Device) practices within the organisation.
This consists of both automated and manual vulnerability assessment of your externally facing network perimeter, including web applications, VPNs and any other potential points of network entry. We combine automated scanning, which by itself is limited in effectiveness, with manual verification and assessment to ensure that false positives and negatives are removed.
This is the same with the internal aspect of testing, all results will be compiled into a report and the remediation actions will be added to a separate remediation spreadsheet.
Where you use third party service providers with access to the corporate network, their network perimeter may have to be considered an external connection and tested accordingly.
Due to the manual way in which we perform our vulnerability assessments, our prices can be higher than our peers in the industry. Our prices (excluding VAT) are as follows:
1 - 100 Internal IPs
1 - 25 External IPs
2 Wireless Networks
1 Type of Phone
1 Type of Tablet
101 - 500 Internal IPs
26 - 50 External IPs
3 Wireless Networks
2 Type of Phone
2 Type of Tablet
501 - 750 Internal IPs
51 - 100 External IPs
3 Wireless Networks
3 Type of Phone
3 Type of Tablet
751+ Internal IPs
101+ External IPs
4+ Wireless Networks
Terms and Conditions
The above packages include both the external and internal components of the PSN Health Check. All prices are plus VAT. Organisations will be assessed individually on size. Joint applications will not be accepted. Mainland UK PSN connected organisations only. Final testing scope is at our discretion.