An internal vulnerability scan is a security test of your internal IT systems, servers, computers and software applications too. It has to be performed on a computer running inside your business network and ideally is run at a regular interval, e.g. monthly.
Why a vulnerability scan?
A vulnerability scan is an ideal way of seeing how vulnerable your internal systems are to a hacker using malware, or a user inserting a memory stick with malware on. All businesses should run vulnerability scans regularly. Each time a scan is run different computers will be powered off, so it is important to run them regularly to catch all the computers online as often as possible.
Port ScanThe IVS product also scans ports to check which ones are open. Anti-Virus software will not do this for you. Many cyber attacks are through ports inadvertently left open. They are a back door into your business, from which a hacker can potentially access your systems and data.
PCI-DSSBusinesses handling credit and debit cards are subject to the Payment Card Industry Data Security Standards (PCI-DSS) standard. This mandates:
- An annual penetration test
- At least quarterly vulnerability scans
IVS ProductThe borwell cybx team will:
- Install the software on your network
- Configure the software with you
- Train you in its use – it has a simple web User Interface
- Show you how to setup and schedule scans, run reports, and run ad-hoc scans
- Will keep in touch with you and alert you to new vulnerabilities or new methods that hackers are using
- Provide updates to the software for free, which are easy for you to install
- Provide telephone and email support
- Run vulnerability scans on your internal IT systems as often as you need
- Produce reports with remedial actions in clear English, and use these in your internal Governance and Risk Compliance (GRC) processes and Information Assurance (IA) processes
- Undertake remedial work internally or with your IT partners
- Retest any systems that needed addressing to prove that they have been updated