IT Health Check (ITHC)

Let our highly qualified team of CREST and TIGER scheme approved testers work with you to complete your IT Health Check (ITHC). The team at Fidus have been trained in the most rigorous of security testing procedures and have successfully passed industry recognised certifications. Our consultants have extensive experience of carrying out IT Health Check assessments

An IT Health Check is typically performed as part of a PSN CoCo compliance assessment and provides assurance that entry points into networks containing PSN devices are secured.

High level overview of an IT Health Check:

  • Infrastructure Testing – Internal and External
  • Application Testing
  • Build Review Assessments
  • WiFi Assessments
  • VLAN Assessments
  • Configuration Reviews
  • Compliance Checking
  • Mobile Device Assessments

IT Health Check Process

The IT Health Check (ITHC) process may seem complicated and convoluted, but it doesn’t have to be.

You’re more than likely reading this paragraph because it’s time to get your Public Service Network (PSN) certificate renewed and it requires an ITHC to do so. The IT Health Check is a type of Penetration Test in which specific criteria, set by the government, needs to be assessed and reported on. These are as follows:

  • External scanning of public facing assets, including; VPN’s, email portals and websites.
  • Internal testing of 10% of your IT estate, including servers. If the total number is low then all servers and desktops should be assessed.
  • Firewall Configuration Review of the Public Service Network (PSN) firewall. It is highly recommended to also have your main firewall rules reviewed.
  • Desktop and Server build configuration assessment.
  • Mobile Device Management (MDM) assessment.
  • Wireless Network configuration assessment.

It is important to select the right provider for these assessments. Our consultants at Fidus are CREST and TIGER scheme approved with a wealth of experience delivering IT Health Check assessments.

Get in touch with Fidus InfoSecurity