Consulting Services

We take the time to understand your business and processes to help provide context around your IT or network analysis and try to understand data flows and patterns in tracing communication and packet analysis. This allows us to get a more full picture in how our recommendations can help your business as well as achieve your productivity goals

We provide a variety of consulting services to help you meet your cyber security needs. If you think your IT security needs to be protected by millions of dollars of equipment investment, think again, and talk to us before you make any major purchases.

Vulnerability Assessment

We are skilled at various free or paid Vulnerability Assessment tools. We communicate with your various departments and understand your operations, as often human controls, not technology, pose the greatest cyber risk of your organization. On top of that, we do periodic assessment of your systems, software and networks to identify areas and specific items of risk, then provide action items for ramification.

Cryptography Consulting

No system is without risks. We must accept the fact that some time, somewhere, somehow, some system will be compromised. The key to protecting against cyber threats is to have layers of security so first and foremost, when the first layer of security is compromised, the core parts of a system will still be protected.

Also, computing power is increasing every day, and existing encryption technology is becoming obsolete quicker ever. If your IT team does not have a mathematician, chances is that your systems are already at risk. Talk to us before it is too late.

Security Architect

If you are starting a new project, chances are that you are using a diversity of latest technology, including cloud, AI, big data, mobile devices, and embedded systems in IOT devices. Since all of them will most likely be connected, you will want to know where your system can be vulnerable, and what can you do about it. Items to consider includes:

  1. Compartmentalization of data
  2. Secure APIs
  3. Linux and embedded systems hardening
  4. Multi-factor authentication
  5. Trusted vs untrusted code
  6. What firewalls can and cannot do
  7. Application firewalls
  8. Logging and forensics

If your system, data and customers are important to you, make sure you consider these and talk to us before you move forward with your new project.

Digital Forensics

In the event of security breach, if your system was not designed with proper security concepts, you may or may not be able to find out what happened. Hackers and identity thieves may or may not leave a trail. If at least your servers and firewalls are configured with logging, we will at least be able to tell you what might have happened and how you can avoid breaches in the future.

Penetration Testing

There are various ways we can let you know if your systems are vulnerable. Penetration Testing provide means for much deeper analysis if your risks, by actually attempting to break in to your systems, after proper explanation and signing of non-disclosure agreement.

  1. Internal Testing – you let us come into your office, and we use a standard non privileged computer inside your office to see how far we can go
  2. External Testing – we do not go into your office, and we see how far we can go
  3. Single Blind Testing – you do not tell us any information about your systems before we make the attempt
  4. Double Blind Testing – you do not tell us any information about your systems, and you do not tell your staff that someone will be performing penetration tests
  5. Specific Tests – we sit together with your staff to do the penetration tests and work with them to improve security together

Security Auditing / Code Review

If we have not participated in security architecture in your system, we can still assist by doing a security audit and code review of your system. We sign a non-disclosure agreement with you, ask questions, look at your code, and let you know where the system can be vulnerable so you can ask your own team or hire consultants to improve security for you.

You would check if your door is locked when you leave home. Your employees should do the same for your servers, computers, mobile, phones, printers and webcams. And in case they tend to forget, we have ways to do it for them and gently help them remember.

Contact Us

Contact Us

  • Suite 806, 8/F, One Midtown,
    11 Hoi Shing Road,
    Tsuen Wan, NT, Hong Kong
  • +852 3468 3311
  • info@blueskysvc.com