How did GTL help to raise an SME’s security levels?
Two in five companies have lost their businesses due to poor cybersecurity. Research shows that 43% of SMBs in the US and UK have no cybersecurity defence plan in place; Nearly 60% of SMB owners believe their business is unlikely to be targeted by cyber criminals. Cybersecurity plays a vital role in every company and a lack of it may result in great damage to your business. By failing to build a cyber secure foundation within a company, doors to financial losses, data thefts or reputational damage are opened. With cyber threats continually increasing, many businesses are on the lookout for methods to stay secure and safe.
Around 65% of medium businesses report having cyber security breaches or attacks in the last 12 months. One such small app development company has formerly approached Gemraj with the inquiry for our aid in reshaping their cyber security systems to improve the security posture of the organisation. A recent vulnerability survey found that 62% of organisations were unaware of their susceptibility prior to a data breach. Upon the SME’s request, Gemraj has performed Vulnerability Assessment and Penetration Tests on their existing premise and cloud infrastructure. In 2020, a security report found that 76% of apps have at least one security flaw. For the company’s needs to be successfully fulfilled, Gemraj then proceeded to have a meeting with the stakeholders where the Vulnerability Analysis was discussed in greater depth. Gemraj helped to identify which digital entities require assessment so the security posture of the company could be enhanced.
For Gemraj to be able to align with the company’s goals, the SME has outlined that the following areas must be covered:
- Assessment of proper configuration of firewalls, routers, and Internet Gateways.
- Assessment of hardware components including servers, switches, desktops, laptops and wi-fi controllers that were part of internal internet networks.
- Testing of services in the offices using wi-fi analysers to test signal strength, coverage, frequency, and other related information.
- Deployment of firewalls for the given perimeter and all internal networks.
- Assessment of cloud infrastructure
What Gemraj did to help
GTL produced series of strategies to achieve their objective of delivering the best possible solution to the SME’s requirement:
- Mapping of open ports and underlying services by carrying out tool-based scanning.
- Finding exposed security loopholes by executing tool-based vulnerability scanning.
- Attackers often look for systems that are misconfigured, but dedicated vulnerability. scanners can detect some common misconfiguration settings. (e.g., unintentionally open ports, default accounts and passwords, and weak passwords.) and Gaining configuration details from every component that will be tested.
- Removing false positives by judging tool logs and applying experience and knowledge
- Categorising vulnerabilities as per their severity based on the business impact it might cause if the vulnerability is exploited.
- Providing feasible evidence for each vulnerability exploited by carrying out penetration testing.
- Preparing a report with proof for the final set of results.
The overall outcome and value delivered
Following the VAPT processes, GTL implemented those measures to increase the cybersecurity of the company:
- Developed protected technical reports.
- Classified all vulnerabilities into three indicators - critical, high, low.
- Provided customised security solutions and control which helped the client to mitigate the anticipated risk.
- Improved security and efficiency.
- Identified a lack of security control.