The organisation which has partnered with Amvion labs on multiple occasions have invited Amvion labs Security Consulting to conduct a Security Audit at the companies Chennai offices in August 2020, with the purpose of assisting the Senior Management team in developing a strategy for managing their cyber and information security.
Amvion Labs held an initial scoping call with the companies CEO and IT consultant to establish their requirements and to gather further details.
Clients Need:The company suspected that their infrastructure might have had a Data Breach or leak and wished to be devoid of any vulnerability from within their environment.
First ResponseFollowing the scoping call, security Audit services on the infrastructure as well as on the application for a code review was decided to be the starting point.
The Audit was categorised into 3 main areas: People, Processes, and Technology. The audit was expected to give recommendations on how identified risks can be speedily mitigated. This audit would help the organisation evaluate and document their risks, vulnerabilities and threat exposure.
The Security Audit is based around the CIS 20 Critical Controls, 10 steps to Cyber Security, ISO 27001:2013, Cyber Essentials and industry best practices.
Amvion began the security audit by documenting an overview of the organisation and its IT infrastructure. The senior management were interviewed during the security audit.
The following Non-Technical and Technical control areas were covered during the audit:
A host of recommendations were made following the security audit. Amvion followed up on the recommendations till each point were addressed or mitigated, satisfactorily.
The concerned in the company were kept in a communication loop throughout & a summary report was provided to the company’s management. Multiple follow up calls were arranged to walk through the findings and recommendations and till satisfactory solutions were reached.