Organisations connected to the PSN (Public Sector Network) require regular assessment of technical information security controls in place, and guidance as to how these controls can be improved to reduce technical risk.
Sec-Tec provides PSN connected public sector organisations with a simple, straightforward fixed price PSN Health Check service that covers both external and internal PSN Health Check requirements in one simple solution. We will work with you to produce a testing scope in accordance with PSN Health Check requirements,provide a thorough assessment of systems and resources within the testing scope, and provide detailed but easily digestible reports containing recommended corrective actions considering the time and resources at your disposal.
A typical PSN Health Check will consist of the following components:
This will consist of both automated and manual vulnerability assessment of your externally facing network perimeter, including web applications, VPNs and any other potential points of network entry. Sec-Tec will combine automated scanning (which by itself is limited in effectiveness) with manual verification and assessment to ensure that false positives and negatives are quashed. If the organisation utilises third party service providers with access to the corporate network, their network perimeter may have to be considered an external connection and tested accordingly.
This stage will involve both automated and manual assessment of the internal network environment to ascertain that technical controls are adequate to protect PSN data and systems form internal threat agents.
In addition, a typical PSN Health Check will include:
- Testing of WiFi security to ensure both staff and guest access is adequately secured.
- Desktop and Server build reviews to ensure that system configurations are adequately hardened before deployment and that best practice is being adopted in regards to authentication and patch management.
- A technical review of security gateways (firewalls, VPNs, etc) to ensure that rule-sets and system configurations are suitably secured.
- A build review of remote access solutions, including use of encryption to protect data in transit and at rest.
- A review of BYOD (Bring Your Own Device) practices within the organisation.
The above scope is merely an example of a typical PSN Health Check, and it is important that PSN customers can demonstrate to their assessors that an adequate scope of testing has been adopted.
We understand that public sector procurement can be a minefield, so we offer a range of simple fixed price PSN Health Checks, inclusive of all expenses, based on the number of external systems to be tested:
|1-10 External IP addresses/URLs||11-20 External IP addresses/URLs||21-30 External IP addresses/URLs||31+ External IP addresses/URLs|
Terms & Conditions
- The above packages include both the external and internal components of the PSN Health Check.
- Organisations will be assessed individually on size. Joint applications will not be accepted.
- Sec-Tec will utilise cross-sectional testing as appropriate.
- Mainland UK PSN connected organisations only
- Final testing scope is at Sec-Tec's discretion.