Security & Data Loss Prevention Consulting

The consequences of lost data, or a breach in IT infrastructure, can be catastrophic for any organisation.

Understanding the security vulnerabilities of your external and internal networks and infrastructure is pivotal to implementing the relevant security measures to mitigate the risks.

Krome offers comprehensive, impartial security testing for large and small organisations. We take a truly consultative approach to security testing, with production of easy-to-read reports. Every client is allocated a dedicated Technical Account Manager, who is always on hand to respond to specific technical questions.

To test in an effective and stringent way, it is important to understand the threats, and gain an understanding of the psychology behind the attackers. Krome deploys extensive research into profiling the mind-set of hackers, and understanding the ever-evolving techniques used by them. It is this research and development that puts us at the cutting edge of security testing; as advanced techniques, teamed with advanced technologies, provide powerful tools against the threats.

All technical personnel have at least 8 years experience within IT security testing, and have been vetted in line with the UK government.

External and internal penetration testing

Krome offers a market leading penetration testing function, designed to identify all areas of vulnerability. Conducted by highly trained and experienced Ethical Hackers, the systems utilise a combination of automated scanning and manual intervention to ensure the most advance and up-to-date methodology is used to isolate and highlight areas of weakness.

Areas for consideration within external and internal penetration testing are as follows:

  • Web servers
  • Email servers
  • Wireless connectivity
  • Firewalls
  • Standard build computers

Web application testing

Krome offers comprehensive evaluations for applications used within an organisation, including, but not limited to; order processing, online services, online registration, and access control systems. Through our comprehensive testing hardware, we are able to imitate large volumes of traffic, to assess application performance under stress (DNS attacks).

Payment Card Industry Data Security Standard

Retailers have a legal obligation to protect the data and information of their customers. This legal obligation may not always be obvious, and can be miss-interpreted if not understood properly. We offer a full assessment and consultancy service to ensure retailers are not at risk of fines or action against them. Advice is on hand to ensure protection is in place against organised attacks, which can lead to lost data and negative publicity.

Social Engineering

Although not directly linked with IT security, Social Engineering offers a valuable insight into the wider vulnerabilities of an organisations network. Skilled technicians will try to access an office, site, building or restricted area, in order to obtain private or sensitive information. Utilising advance psychological tactics, and often posing utilities engineers, company employees, or technicians, each comprehensive assessment grades how difficult it is to gain access to the physical area, and then evaluates the network security protecting the data.

Vulnerability Assessment

For organisations who require high-volume assessments of networks and infrastructure, Krome utilises sophisticated automated scanning systems to systematically scan networks to provide feedback of weaknesses within an IT infrastructure.

The output of each scan is interpreted by our skilled technicians, from which a detailed report is produced. Consultations may then follow in order to formulate an effective protection plan to reduce vulnerabilities.

For further information on Kromes Security & Data Loss Prevention Consulting Services please contact us on 01932 232345.