IT Health Check (ITHC)
JUMPSEC helps you determine the integrity of your systems and data with an IT Health Check (ITHC).
What is an ITHC?
The Public Services Network (PSN) is the government's network that helps public sector organisations work together. An ITHC provides an independent assessment of your organisation's cyber security. Providing assurance that your external and internal systems are protected from unauthorised access or change and to ensure you do not provide an unauthorised entry point into systems that consume PSN services. We work with you to accurately scope a penetration test for the PSN Code of Connection (CoCo) compliance and establish the most appropriate approach to meet your PSN compliance needs.
JUMPSEC is accredited by the National Cyber Security Centre (NCSC) to perform an ITHC under the terms and conditions of the CHECK scheme. Our service is available immediately directly or can be procured via the Government Digital Marketplace(G-Cloud) check-service.
BENEFITS OF ITHC?
- Management of risk though visibility of vulnerabilities – We provide you with a clear point in time view of what exploitable vulnerabilities you have, from an internal and external perspective so you know what risks you are exposed to.
- Strengthen your security posture – Our reports provide recommendations to you on how to remediate any vulnerabilities according to severity and potential impact to you, so you can decide on how to harden your position based on your appetite to risk. Outlining high level findings, recommendations, and root cause analysis. A detailed vulnerability report with point fix recommendations to include CVSS scores.
- Confidence that your security meets your PSN CoCo compliance needs – We work with you to determine the level of information security due diligence your organisation needs to ensure you meet your compliance requirements.
- Complex technical risk translated into business terms – We take the time to understand your organisation and present technical risks in terms that are relevant to you. Providing actionable insights to address risk areas and non-compliance.
Internal & External Testing
Our external testing covers infrastructure such as firewalls, web and email servers, VPN's that allows remote connection to your network from your employees or third-party suppliers.
Our internal testing includes vulnerability scanning and manual analysis of your internal network infrastructure including build configurations for desktops, servers, laptops, tablets, phones, or other mobile devices as well as network management devices security appliances. We will also look at any mobile management solutions, such as Bring your own device (BYOD). We conduct test patching at operating system, application and firmware levels and internal security gateways and wireless network configurations.