Wolf & Company has worked extensively with large healthcare clients—and until recently, we’ve been able to meet with those clients on site to deliver quality services. But the recent COVID-19 pandemic has diminished the ability to perform services that are normally conducted in person, pushing organizations to offer more and more services remotely. In order to continue offering essential penetration testing services for clients, we had to shift to remote conduction while maintaining the quality of our tests.
Challenge
One of our larger healthcare clients recently came to us for internal penetration testing services that we hadn’t previously performed for them. Due to COVID-19, they needed this work to be performed remotely. To further complicate things, The Company was in the middle of a large restructuring initiative with its overseas segments.
The Company also expressed concerns about whether the quality of the security assessment would remain the same if conducted remotely. We’ve had a strong, long-standing relationship with this client, and given the difficulty of the scope, timing, and technological complexities of their situation, we worked diligently to ensure a high quality, stress-free remote penetration test.
Solution
Our penetration testing team developed a remote penetration testing “drop box” that can be sent to a client anywhere and requires minimal setup. Once the box is plugged into a network, it “phones home” to our servers, and we can conduct our testing as if we’re sitting in the client’s office.
The Company was happy to try this service, since it cut down on risk related to COVID-19 exposure, saved them our consultants’ travel costs, and required a minimal footprint to operate.
Result
After we sent The Company our drop box, they plugged it in, we received a connection to our server, and network penetration testing began.
From capturing traffic, to performing man-in-the-middle (MITM) attacks, to cracking and spraying passwords, our team was able to perform all necessary procedures effectively and efficiently in a remote environment.
During testing, we helped the client validate a broad range of controls, including:
- Asset management
- Exposures related to business restructuring
- Incident response measures
- Issues with endpoint security
- Patching and unsupported software
- Security operations center alerting
After using our drop box to visually map out their Windows environment, it became clear that the parts of their business that they no longer owned (but were still networked during the migration) were not appropriately segmented. This meant that any hacker that gained access to a privileged account inside of their environment would have the proverbial “keys to the kingdom” for not only their U.S. operations, but also the international portion that they no longer owned—setting them up for massive lawsuits, lost revenue, public trust issues, and reputational harm.
After bringing this to The Company’s attention, we explained the risk, gave detailed information on exactly which accounts, network segments, and overall domain trusts were problematic, and helped them understand how to mitigate these potentially detrimental threats.
Takeaway
- Wolf’s remote penetration services remain consistent in quality and performance
- Advanced network penetration testing tools ensure a smooth and safe security assessment
- A thorough penetration test helps enhance security posture and helps align programs with security frameworks
