PENETRATION TESTING

Physical Penetration Tests provide an insight as to how well an organisation is handling physical access controls and whether or not employees are abiding to acceptable usage policies. IPPSO is one of few, reputable firms with solid experience in this area – we can compose a physical penetration testing programme for one building, or hundreds, to suit companies of any size and geographic diversity.

 

What Companies Need Physical Penetration Testing?

 

In the current climate of business insecurity, there are significant risks for business who suffer from security breaches as many and may cause significant loss of or damage to;Physical assetsPeopleBrandReputation andProfitsIt is not difficult to see a business being brought to its knees by what appears to be an innocuous theft or other lapse in security. It is crucial that businesses put good holistic security measures in place. They should include physical, Personnel and Information security measures. However for them to be effective they should be regularly tested to ensure they are appropriate and proportionate to the threat.Physical Penetration Tests are an ideal means of checking that the security measures work as intended.

 

What Type Of Physical Penetration Tests Do IPPSO Offer?

 

A Physical Penetration Test is a method of testing the security of a business using social engineering techniques which are realistic, but designed in a way that make it non disruptive to the client.Independence from the company providing the on-site security services, or suppliers of security equipment is vital to ensure there are no conflicts of interest.Businesses are often at their most vulnerable out-of-office hours. Lack of a clear desk policy can lead to serious security breaches. Often sensitive papers are left out and open for viewing by non-secure employees such as cleaning staff etc.

 

What Do Physical Penetration Tests Cover?

 

We will conduct reconnaissance of the security at the site, and then carry out a number of penetration tests which will offer a reasonable impression of the level of security at the building. If one is successful we will attempt to covertly gain access to other parts of the building and attempt to gain access to sensitive information.In order to test that staff are aware that security does not start inside the building and that Criminals and Terrorists often reconnoitre building before attacking them, we will carry out clear and obvious hostile reconnaissance at the site. The aim of this is to identify whether the security staff are focussed on the bigger picture of site securityWe will carry out an out-of-hours check to see how security conscious staff are at their workstation. This will involve unlocked pedestals, drawers, access to cupboards and sensitive information.We will write a report detailing our findings making observations and recommendations if relevant.Our Physical Penetration Testing services align with professional practices as recommended by ACPO and are an essential means of measuring compliance against international security standards.This survey provides a detailed review of the premises. A highly skilled member of our team will visit the premises at a pre-arranged time. They will meet the Facilities manager/ security staff and conduct a review of the levels of security of the site.The purpose of this review will be toExamine threats to the building.Identify good and poor practice.Make independent and informed comment on the levels of security attained.Risk assess the issues identified.Provide a report with considered recommendations.To complete these surveys we will employ trained staff, who are highly skilled in Crime/Counter terrorism. This service complements physical penetration testing, and can be carried out simultaneously.