Services - Assessments

Check your IT security setup and get a clear view of your organisation’s cyber resilience along with advice on how to improve it.

At Arco IT we understand the digital challenges that you can encounter in your day to day activities, the often confusing variety of information that you receive about real or alleged cyber attacks, and the dangers your company faces when you are subjected to security threats.

We understand your company needs to be prepared for cyber attacks, to have the right systems and procedures in place, and to have an internal awareness of the potential consequences.

We can assess your IT security resilience and provide you with a clear view of the readiness of your security controls ability to respond to potential threats.

Arco IT has developed a set of procedures and actions to assess your IT security setup: Express Security Check, Security Check, Vulnerability Scan, Penetrating Test, and Threat Intelligence.


Express Security Check

Why? You’ve heard about the current security threats and would like a quick check to verify that the basics are covered in your company. You’re looking for a verification of proper setup of the key components of your security defense: multifactor-authentication, email security, web browsing security, endpoint malware management.

Result: You get an understanding of what you already have in terms of a security minimum and what steps you might still have to take to ensure better protection for your resources. You gain knowledge of the viability of your current set-up. This ensures that the first steps of security have been taken.

Security Check

Why? You want to assure that your IT security setup is well aligned to your specific organizational needs, the current security threat landscape, as well as legal and compliance requirements. You want to understand the strengths and weaknesses of your current setup, in order to plan any necessary changes. You know that your stakeholders need a simple picture of the risks and threats you face. And you want recommendations for short-term, mid- and long-term actions that will help you keep things safe.

Result: This extensive security check spotlights the gaps in your security setup and allows us to devise a comprehensive list of improvements to be made to your system. They provide guidance on the current state of IT management, and solid reasoning for your management and executives.

Vulnerability Scan

Why? Researchers and hacker discover new vulnerabilities every day. Even if you’ve set up your systems initially in a secure way, new risks make them increasingly vulnerable. You want to make sure that your systems cannot be exploited by known attack methods. You want to feel comfortable that your security standards and your patch management leave no options for easy attacks by new malware.

Result: You’re sure that your assets are in good shape and well protected from current exploits. You also know where your systems still have weaknesses so that you can keep these under closer supervision and take action more quickly if needed.

Penetration Testing

Why? Beyond the scan for known vulnerabilities, you want to test specific systems to prove that they cannot easily be hacked by an attacker. You’re ready to use an expert’s know-how and tailored work to put your system to a deep test of its defenses.

Result: The report of a penetration testing campaign shows how your company would fare in case of a serious and targeted attack on your system. You will know which technical and organizational aspects can lead to a security breach. You can plan actions to close the gaps.

Threat Intelligence

Why? Every day new avenues of exploit are becoming available to the attackers. Fortunately, security specialists are usually just as quick in detecting and preventing them and publishing these methods. We make sure we are continuously up to date with these methods so we can give your systems state-of-the-art protection. Our cutting edge expertise can also discover recent infections that were previously undetected.

Result: Your organisation can be safer because you can identify attackers even if they are using previously published methods, giving you a better chance to avoid major damage from attacks.