Information Security Health Check

Information Security health check services integrate inspections of various information security aspects, offering clients recommendations for enhancing cybersecurity. These services focus on implementing technical controls to enhance the security protection capabilities of networks, information systems, and personal computers.

ACSI specialized technical teams in various fields, collaborate with clients for thorough pre-communication and confirm coordination details. We establish standardized operating procedures (SOP) for the services to ensure quality, in-house development of cybersecurity health check detection systems and analysis platforms to enhance operational efficiency.

After check, we provide findings, recommendations, and identified malicious programs (if found). To help our clients enhance the security strength of networks and information systems, reducing information security risks.

Here are the general items of information security health:

Evaluation Items	Description
Network Structure Review	Discussion on structure, equipment deployment, redundancy approach, firewall regulations and host deployment Discovering structure weakness, firewall rules, and inappropriate host deployment, provide enhancement recommendations
Wired network malicious activity review - packet sniffing and analysis	Duplicate the traffic to packet sniffing system via Switch. Retrieval of packet sniffing records to conduct connection analysis. Point out network equipment unusual incidents (such as abnormal connection of relays etc.)
Wired network malicious activity review - network equipment log file analysis	Use tools to collect Log of network equipment and conduct analysis on discovered suspicious programs and related records. Analyze and filter internal computers or equipment to see if there is any abnormal external connection. Computers or equipment with abnormal connection need to be identified with respect to its usage and purpose
User end computer review	Check malware and updates views on user computers. Dispatch of tools to detection host check by AD, together with Log recall Use tools to check accordingly if AD does not conduct dispatch. The result will be listing out high-risk computers and provide improvement recommendations. Assistance in delivering suspicious programs to antivirus suppliers for making antidote
Server host review	Check for malware and update views of server hosts. Dispatch of tools to detection host check by AD, together with Log recall Use tools to check accordingly if AD does not conduct dispatch. The result will be listing out high-risk computers and provide improvement recommendations. Assistance in delivering suspicious programs to antivirus suppliers for making antidote
Security configuration review - configuration of AD server group policy	Review password setting and account lock policy of group in directory server, such as configurations of “Password Setting Policy” and “Account Lock Policy” in the Group Policy related to AD server.
Security configuration review - configuration of firewall connection	Review connection configuration rules of firewall (such as external network to internal network, internal network to external network, internal network to internal network) to see if there is security vulnerability and identify appropriateness of communication between source & destination IPs and ports.