Computer Services, Inc. (CSI) has added Internal Penetration Testing to its existing regulatory compliance offerings for its Risk and Information Security Consulting (RISC) Services group. With CSI's Internal Penetration Testing, RISC Services consultants examine an organization's internal systems, assuming the mindset of a hacker who has infiltrated the network, to uncover potential vulnerabilities. Once system weaknesses have been identified, CSI's RISC Services consultants attempt to exploit these vulnerabilities through hands-on, manual testing and research of each area of concern--a method that better identifies key issues that a basic scan would likely not detect.

Following the penetration testing, CSI's RISC Services consultants provide a detailed list of observations and recommendations to rectify the identified weaknesses and lower risk levels. Additionally, organizations are given thorough documentation to simplify further risk assessment, control decisions, service provider arrangements, security breaches or violations, and testing results. As an added feature to the Internal Penetration Testing service, CSI offers a Wireless Network Audit, which uncovers vulnerabilities associated with the encryption and authentication methods in use on the organization's wireless network.

This additional service also explores potential weaknesses in a company's employee base by using limited social engineering attempts to entice users to connect to unauthorized access points. CSI's RISC Services also offers Information Security Reviews, External Penetration Testing, Social Engineering Testing, Red Flags Reviews, IT Audits, BSA/AML Audits, bank website compliance audits and internal vulnerability assessments. Each of CSI's RISC Services solutions provides users with a well-balanced mix of analysis, technology, reporting and industry expertise to comply with new industry regulations and mitigate potential network security risks.