Penetration Tests and Vulnerability Scans

In the age of heightened cyber security, one thing you can do to protect your organization is to have penetration tests and vulnerability assessments performed on your computer infrastructure, including servers, network and even applications.  Reports show that the cybercrime industry generated at least $1.5 trillion in profits in 2018.  It is also estimated that 78% of US organizations have suffered a  cyber-attack.   At MGA Systems we are vigilant about cybersecurity and comply with certain security guidelines, including having regular penetration tests conducted by third-party security experts and vulnerability assessments conducted internally and by security experts.

What’s a penetration (pen) test?

Performed by ethical hackers/qualified security experts, it simulates attacks on an organization’s computer environment. This allows you to identify areas of your ecosystem that could be exploited by a malicious attacker. Bad actors are constantly looking for ways to gain access to your company’s sensitive data, take over your network and potentially disrupt your company’s ability to function.

The expert performing the penetration test generally uses a combination of manual and automated tools to try to exploit weakness in your network. A report is generated for you, identifying areas of concern ranked by level of risk.  This becomes your remediation priority list.  Using this list, you can begin to shore up your environment, protecting it from cyber criminals. For example, hardening your passwords and tightening up your corporate password policy.

What’s a vulnerability assessment?

Conducted by a qualified security firm or completed on your own with licensed software, a vulnerability assessment uses automated scanning tools to identify known weaknesses and vulnerabilities in your servers, applications and wired and wireless networks. The scan does not attempt to exploit the vulnerability but confirms its existence. This allows you to address the threats and remediate prior to any exploitation.

A report is prepared that defines the vulnerabilities in your environment, ranked by risk and priority.  Generally, the items identified are ranked as critical, high, medium, low, and informational.  The report may include recommendations such as applying known software patches or separating out a guest wireless network from your internal network. You can respond accordingly to protect against the identified exposures, based on their level of risk to the organization.

The penetration test and vulnerability scan perform complimentary functions in protecting your computer systems and infrastructure from cybercrime. Each serves an important function in securing your environment from hacking by a malicious attacker.

Now more than ever, with at-home workforces using various wireless networks, companies of all sizes need a consistent schedule to test the security of their computer systems, especially those that handle sensitive customer data. As a tech company for the insurance industry, MGA Systems takes this responsibility seriously and can help point our customers to third-party providers or tools to use to monitor your own systems. If we can help, please give us a call at (877) 790-1114 or contact us here and ask to speak with our Security Project Manager.

Leave a Comment

Your email address will not be published. Required fields are marked *