Penetration testing is an integral part of your compliance plan, the increased number of health care record hacks and the resulting costs make penetration testing a valuable necessity.
Total HIPAA penetration testing replicates techniques used by hackers to determine how a
system will react to an attack, identify weaknesses, and determine what information can be
acquired. Penetration testing is performed from multiple angles: against public-facing servers
via the Internet, and against internal systems from within the network. In-depth scans are
performed against servers identified in the research process to determine exactly what
software is exposed to the outside world. Using a combination of open-source and proprietary
hacking tools, attacks are carried out on these systems, attempting to gain unintended access
to the servers.
Upon completion of testing, a detailed report is produced which includes a summary of steps taken to infiltrate company systems, missing/ineffective controls, action-items to secure the business organized in a timeline based on severity, and technical data to assist with remediation.