Vulnerability and Penetration Testing
The probability of intrusion in an organization increases annually at very large rates. Attacks no longer refer to "remote" companies but organizations within the country. The modes of intrusion into a Bank are too many, and the attackers are constantly developing new techniques to gain access. The attackers exploit mostly the weaknesses of the Bank's external systems, such as the website or Web Banking site and in several cases they gain information through Phising attacks or Social Engineering.
Risks:
If a hacker's attack is successful, the results for the bank mainly involve the following:
-
Money loss
-
Reduced credibility (declining income, equities, etc.)
-
Legal penalties for exposure of personal customer data
-
Unavailability of services, loss of equipment, huge administrative cost for systems’ recovery
-
and many others.
Solution:
Penetration tests are designed to identify the weaknesses of an organization and to provide solutions that address these weaknesses and the attempt to exploit them, by simulating a hacker's attack. The goal of these services is to provide the Bank with the ability to acquire the full picture of the security level of its information systems and to comply with relevant legal and regulatory frameworks that impose the corresponding references.
Space Hellas implements these tests either externally (via internet) or internally (within the network), with inside knowledge (authenticated users, IP range, etc.) or without any prior information about the organization. The service deliverables include findings and recommendations to resolve the weaknesses and are addressed to both the Administrative and Technical staff of the organization.
For all the above cases, the main pillars of this service relate to Security of Information Systems and Infrastructure, Physical Access Control and Personnel Awareness on Information Security
|