Security Services That Meet Your Needs
Assessing the Situation
IT deployments have evolved at an incredible pace in recent years, and so have the security threats they face. Organizations must defend themselves from cyberattackers who are more prolific and sophisticated than ever before. One essential step in protecting your information systems is to understand where your defenses may be weak and how you can strengthen them.
For many organizations, a third-party security risk assessment is the ideal way to uncover vulnerabilities and bolster an organization’s defenses. CDW offers two levels of service to help organizations test their security environments: the Comprehensive Security Assessment (CSA) and the Rapid Security Assessment (RSA).
A CSA involves a comprehensive look into the security posture of every significant asset in an organization’s IT environment, including a password audit, detailed penetration testing, website and application scanning, broad analysis of trust relationships, and wireless network assessments. The service includes a full discussion and analysis of these issues, along with a comprehensive set of recommendations for improving the organization’s security posture.
An RSA balances a thorough approach to security testing with short timelines and limited budgets. By limiting the scope of the test to known assets, spot checks and a sampling of targets, CDW is able to offer this service to smaller organizations at a lower cost than a CSA. The security engineers who conduct the assessment submit a report that outlines the efforts they undertook and provides customized security findings and recommendations.
Our Independent Experts
CDW’s experts have worked with thousands of diverse organizations on security deployments, and the team has performed more than 1,500 security assessments. This team conducts its assessments independently to give you an impartial view of your security posture – even solutions deployed by CDW or its partners. We clearly explain your security needs from a holistic perspective and guide you to an optimal security stance.
How Security Assessments Work
A Comprehensive Security Assessment provides a thorough security evaluation of an organization’s IT assets. Among the operations that CDW security engineers carry out during a CSA:
- Discovery of the breadth of IT assets, including unknown assets or networks
- In-depth penetration testing to analyze multiple paths to compromise
- Audit and review of multiple Active Directory domains
- Broad analysis of implied trust relationships
- Complete vulnerability scan of internal and external systems, as well as a credentialed scan of a sampling of internal systems
- Scanning and assessment of websites and applications
A CSA is an exhaustive examination that can bring value to any organization. Among the benefits of this assessment is a comprehensive plan to address the vulnerabilities and weaknesses that our security experts uncover. CDW spells out its findings and recommendations, and prioritizes them based on cost or difficulty and impact. The plan is intended to help enterprises determine which weaknesses to address now and in the future.
Other benefits of a CSA include:
- Detailed insights into enterprise IT assets and environments
- Alignment with Payment Card Industry Security Standard Requirement 11.3 for penetration testing
Any organization can take advantage of a CSA. No matter its size or mission, any organization can gain a better understanding of how to defend against cyberthreats.
A Rapid Security Assessment is a good option for organizations that may not have the time or resources for a more comprehensive checkup. The service includes:
- A scan of internet-visible hosts and a test of vulnerability to known exploits
- Internal network vulnerability scans and penetration tests of key IT assets
- An audit of passwords and password-related policies, as well as an authenticated scan of as many as 30 workstations
- A test of wireless security at one site
- A social engineering exercise to identify vulnerability to phishing exploits
Upon the completion of an RSA, CDW’s security engineers identify the top vulnerabilities of concern to the organization and provide recommendations to address these concerns.
An RSA is targeted toward organizations with limited budgets or time to conduct security testing. The service is available to organizations with set numbers of internal and external resources. It is conducted on a single Active Directory domain and physical location for wireless testing.