Information Security

InQuest provides security aware organisations with products and services that protect them from new-age dynamic security threats. 

What do we Protect?

We effectively protect our client’s information from unauthorized access, use, disclosure, disruption, modification, or destruction. This includes protecting information stored in electronic or physical formats, as well as information in transit over networks.

How do we do it?

The team at Inquest ensures implementing a combination of technical, administrative, and physical controls to mitigate risks to the confidentiality, integrity, and availability of information. Some of the technical control include firewalls, encryption, access controls, and intrusion detection systems. Our bespoke auditors will ensure tailored administrative controls involving policies and procedures. Our team of qualified professionals also provide training to ensure that employees understand and follow security protocols. Physical controls involve measures such as locks, cameras, and environmental controls to secure facilities where information is stored.

OUR SERVICES

  • Control Assurance Services: We evaluate an organization’s internal control system to ensure that it is operating effectively and efficiently. The main objective of control assurance services is to identify any weaknesses or deficiencies in an organization’s internal controls and to recommend actions that will help to mitigate the risk of fraud, error, or noncompliance with laws and regulations.
  • Payment Card Industry Data Security Standard (PCCI DSS ) Compliance Services : The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards created by major credit card companies to ensure that merchants who accept credit card payments maintain a secure environment for handling sensitive cardholder information. We assist organisations in being Compliant with PCI DSS.
  • Phishing assessment: We proactively test organization’s susceptibility to phishing attacks and help them to guard their business operations against any such attacks in future. Phishing is a type of cyber attack where an attacker sends fraudulent emails, text messages, or other communications that appear to be from a reputable source in an attempt to trick the recipient into providing sensitive information or taking other harmful actions.
  • Policy Management Services : InQuest IS specialists create, implement, and enforce policies and procedures within an organization. These policy guidelines help our clients to govern their operations, and cover a wide range of areas such as security, privacy, compliance, and risk management. Information security policy must be modified on a regular basis to protect an organization’s information assets from fast evolving threats and vulnerabilities.
  • Vulnerability Assessment and Penetration Testing (VAPT): We identify and address vulnerabilities in our client’s IT systems and networks, largely done through various methods, such as automated scanning tools or manual testing by expert IT security professionals. The goal of a vulnerability assessment is to identify potential weaknesses in the organization’s security controls and recommend timely remediation actions.
  • Applications Security Testing & Hardening: Web and Mobile Application testing (Android and IOS), Wi-Fi Security and Network security testing / hardening.