Who uses SekChek?
The names of specific clients are confidential. However, users of SekChek
include major organizations in banking & insurance, airlines, mining,
manufacturing, retailing, shipping, transportation, government, building & construction,
import/export, food & beverages, farming, security
consultants, IS professionals, internal auditors & general management.
SekChek has been used across all industry types in more than 110 countries around the world.
How can SekChek help with our compliance efforts, such as SOX and HIPAA?
Many clients use SekChek on a regular basis as part of their statutory compliance and internal audit reviews. SekChek is well placed to help out in these areas because:
- It provides an independent point-in-time snapshot of security controls;
- The graphical analyses provide a quick indication of whether security controls have strengthened or weakened since the previous time SekChek was run on a platform;
- SekChek's consistent reporting from one analysis to the next avoids the risk of inconsistent interpretations between analyses over time;
- Similar reporting formats across platforms analysed (Windows, UNIX, AS/400 and NetWare) ensure a consistent standard in the interpretation of security controls.
Can I pre-authorise Token Requests?
Yes. Please forward the following information to SekChek:
- Name of person submitting the Token Request;
- E-mail address of person submitting the Token Request;
- SekChek Local platform (SAM (workstation/server) or AD);
- Number of scans in this Token Request (applicable to SAM only);
- Charge/DIS/SA/WBS Code if applicable.
Please note that one pre-authorisation is valid for one scan, although up to 15 servers (or 1 Active Directory) can be scanned at a time.
Once we receive this information, we will configure the pre-approval to expire after one week. Should the consultant require a longer time-frame to execute the scan(s), this should be indicated within the request. Alternatively, a new request for pre-approval should be made with us.
What platforms does SekChek run on?
SekChek will run on all current versions of OS/400 (iSeries), Windows NT/200X/Vista/Windows 7 and UNIX operating systems that are Bourne Shell compatible, such as AIX, HP-UX, Linux, SCO and Solaris systems. It will also run on versions 4, 5 & 6 of Novell/NetWare systems.
What impact will SekChek have on my system?
From the very outset the SekChek Extract software was designed to be non-intrusive, make ZERO changes to
the host/target system, and leave no trace behind after the extract process has completed. With thousands
of SekCheks behind us, we are not aware of any reports of SekChek impacting on a host system in any way.
Where do SekChek’s Industry Averages come from?
Perhaps the most important point is that SekChek’s Industry Averages are not merely
based on some static, theoretical average for computer security. Industry Averages used in summary
reports are dynamic, real-life averages that are automatically updated after every
file we process, using summary data extracted from each file.
SekChek compares security controls on your system against a unique database containing more than 60,000 records and 30 million individual security metrics.
I heard SekChek can measure security against various standards. Tell me more!
SekChek typically measures security against internationally recognized
security standards because that's what most people want.
However, some clients prefer us to substitute their own (internal) security standards and
to report against those. This helps them monitor how well their security policy is implemented
and complied with and also alerts management to deviations from policy in specific departments or on certain computers.
We have a database of real/actual industry averages for security. This is quite unique.
We can currently compare (graph) security over different points in time, over several machines, and calculate
security norms and averages by industry type and geographical location. This can produce some interesting results!
Contact us for further details.
Can SekChek compare security over time and system?
Yes, SekChek provides graphical comparisons of basic security settings and user accounts defined on a Server or Domain at two different points in time. This helps you to quickly determine:
- Whether security has improved, worsened, or remained about the same since the previous review;
- The effectiveness of your measures to strengthen controls;
- Whether risk is increasing or decreasing.
Can SekChek produce an audit trail of changes since the previous scan?
Yes, the SekChek Local tool can generate a list of changes (before and after images) made to security objects since the previous scan of the system or Active Directory domain.
The report can be used to confirm that only valid and authorised changes are being made to security accounts by comparing the list of modifications against the relevant change documents approved by management. You can also use it to detect malicious or damaging changes that may have been made to your system’s security accounts or to confirm that large numbers of security changes made by an automated script were successfully applied.
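The point-in-time comparison and the before/after change list described in the two answers above can be illustrated with a small diff of two account snapshots. This is an added example, not SekChek's code: the snapshot contents, attribute names and the list of management-approved changes are constructed here for illustration, and the reconciliation step simply flags every change that has no matching approval record.

```python
"""Before/after comparison of two security-account snapshots.

Added example (not SekChek's code).  Two point-in-time snapshots of account
settings are diffed into attribute-level changes with before and after
images, then reconciled against a constructed list of changes approved by
management so that anything unapproved stands out for investigation.
"""
from dataclasses import dataclass
from typing import Any, Dict, List, Set, Tuple

Snapshot = Dict[str, Dict[str, Any]]   # account name -> attribute dict


@dataclass(frozen=True)
class Change:
    account: str
    attribute: str      # "*" when the whole account was added or removed
    before: Any         # None when the account did not exist before
    after: Any          # None when the account no longer exists


def diff_snapshots(previous: Snapshot, current: Snapshot) -> List[Change]:
    """Return every account- and attribute-level change between two snapshots."""
    changes: List[Change] = []
    for name in sorted(set(previous) | set(current)):
        if name not in previous:
            changes.append(Change(name, "*", None, current[name]))
            continue
        if name not in current:
            changes.append(Change(name, "*", previous[name], None))
            continue
        before, after = previous[name], current[name]
        for attr in sorted(set(before) | set(after)):
            if before.get(attr) != after.get(attr):
                changes.append(Change(name, attr, before.get(attr), after.get(attr)))
    return changes


def reconcile(changes: List[Change],
              approved: Set[Tuple[str, str]]) -> Tuple[List[Change], List[Change]]:
    """Split changes into those covered by an approval record and those not.

    An approval record is a (account, attribute) pair; "*" approves the
    creation or removal of the whole account.
    """
    ok = [c for c in changes if (c.account, c.attribute) in approved]
    unapproved = [c for c in changes if (c.account, c.attribute) not in approved]
    return ok, unapproved


def format_change(c: Change) -> str:
    """Render one change as a before/after image line for the audit trail."""
    return f"{c.account:<12} {c.attribute:<18} before={c.before!r} after={c.after!r}"


# Constructed snapshots: what a previous and a current scan might have recorded.
PREVIOUS_SCAN: Snapshot = {
    "alice":      {"enabled": True,  "pw_never_expires": False, "groups": ("Users",)},
    "bob":        {"enabled": True,  "pw_never_expires": False, "groups": ("Users",)},
    "svc_backup": {"enabled": True,  "pw_never_expires": True,  "groups": ("Backup Operators",)},
}
CURRENT_SCAN: Snapshot = {
    "alice":      {"enabled": True,  "pw_never_expires": False, "groups": ("Users", "Domain Admins")},
    "bob":        {"enabled": False, "pw_never_expires": False, "groups": ("Users",)},
    "carol":      {"enabled": True,  "pw_never_expires": False, "groups": ("Users",)},
}
# Constructed approval list: bob's disablement, carol's creation and the
# removal of svc_backup were documented; alice's group change was not.
APPROVED: Set[Tuple[str, str]] = {("bob", "enabled"), ("carol", "*"), ("svc_backup", "*")}


if __name__ == "__main__":
    found = diff_snapshots(PREVIOUS_SCAN, CURRENT_SCAN)
    ok, unapproved = reconcile(found, APPROVED)
    print("Approved changes:")
    for c in ok:
        print("  " + format_change(c))
    print("Changes with no approval record (investigate):")
    for c in unapproved:
        print("  " + format_change(c))
```

Group memberships are stored as tuples so that equality is exact and order-sensitive; a real comparison would normalise them (sort, de-duplicate) before diffing, and would treat additions to privileged groups as worth raising even when an approval record exists.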
Can we exchange encrypted email (S/MIME, SSL or TLS) with SekChek?
Yes, our Mail servers are configured to send and receive email using TLS (Transport Layer Security / SSL). If the TLS protocol is enabled on your Mail server all email traffic between SekChek’s domain and your organisation’s domain will be automatically encrypted.
SekChek also supports S/MIME, which ensures full end-to-end encryption of email. You can download SekChek’s certificate from our web-site.
Let us know if you need more information regarding options for encrypting email.
How secure are the encrypted SekChek files & reports?
Very!
SekChek employs various industry-standard encryption algorithms and techniques to ensure the security of your data. These include Public Key encryption techniques based on the RSA algorithm, and symmetric encryption techniques using algorithms such as AES and 3DES.
Tell me about your subscription service!
The most convenient & cost effective way to use SekChek is through a subscription. The pricing
structure is very simple - the more SekCheks you subscribe to, the
less they cost per copy. Contact us for more details.
Prices are consistent across the entire SekChek range (AS/400, NetWare, Windows & UNIX), so you only need purchase one subscription. You are free to choose and mix different SekChek services in the same subscription.
Once your subscription is confirmed you just send us your security files for processing any time
you are ready. From time to time we will send you a statement indicating your usage of SekChek and we will
issue a reminder just before your subscription is consumed. Subscriptions have no time limits attached to them.
What payment options are available?
Direct (Bank-to-Bank) transfer
This is the preferred option. In general, it is the quickest and safest payment method.
Cheque payment
If you prefer to make payment by cheque we recommend that you send your cheque via a courier company, rather than the regular postal system.
We have special arrangements in place with UPS, Fedex and DHL, which help to speed up the process.
Credit Card payments
We can also accept payment via a secure Credit Card payment system managed by Kagi.
Contact us for more information on any of these payment methods.
Does SekChek support charities?
Yes, other than direct donations to specific charities, we offer significant discounts on our published prices to registered charities and other worthy causes. Please contact us for details.
What are your plans for SekChek?
Our guiding principles are ease-of-use and interpretation; non-intrusiveness on the host machine; low cost; and speed of delivery.
Some of the more specific areas we are focusing on include improved graphical summaries,
trend analyses (spanning time, machines, departments etc.), and 'industry average' bench-marks by industry type and geographical location.
The direction the SekChek service takes is largely determined by your requirements and needs. Tell us what you want.
What is the difference between the Client software, Extract software & Processing Engine?
The Client software contains usage instructions, encryption/decryption software,
sample reports and the ability to create additional copies
of the Client & Extract software. It typically resides on your PC.
You use the Extract software to extract security data from an AS/400, NetWare, UNIX,
Windows NT/200X host/target machine. It will only run on those systems.
The Processing Engine is used by the SekChek team to process your extracted
security data, to calculate industry averages & comparisons,
and to generate/encrypt your SekChek report.
What are the differences between the SekChek Classic tool and the SekChek Local tool?
SekChek Local allows you to scan and analyse multiple Servers at a time. The software runs on your workstation and scans target Hosts across the network. Because Scan data is processed locally on your PC, there is no requirement to send data off-site for processing.
SekChek Classic provides you with a comprehensive report in MS-Word and Access / Excel formats, including non-technical summary reports, an Overall Rating of security against real-life industry averages, implications and general recommendations.
See 'Benefits: SekChek Local vs SekChek Classic' for a more detailed comparison of SekChek's 'Classic' & 'Local' tools.
What are the copyright restrictions on the software?
Quite simply, NONE! Although we retain the title and ownership of the SekChek software,
you are free to use and to distribute the software in its current form to anyone you wish.
However, you are not allowed to attempt to modify, translate, reverse engineer, disassemble,
or to create derivative works based on the software without the prior written consent of SekChek.
Can SekChek analyse Registry keys and NTFS permissions?
Yes.
SekChek can report on values for System Registry keys and analyse DACLs (Discretionary Access Control Lists) and SACLs (System Access Control Lists) for files and directories.
You do this by listing the Registry keys, and the names of the files and directories you want to analyse, in the file sekchek.inp. See the SekChek for Windows Extract instructions in the SekChek Help File for details.
What are the minimum hardware and software requirements to run a SekChek Local Scan?
SekChek Local requires Windows 2000 Professional (or later) with IE 5.5 (or later). The recommended minimum amount of RAM to Scan a large Active Directory domain is 1.5 GB.
SekChek's reporting features require MS-Office 2003 (with MS-Access) or later. If you use MS-Office 2000 please write to inbox@sekchek.com and request a special version of the Report Database.
What is the largest system analysed by SekChek?
The largest domain analysed by SekChek contained 200,000 user accounts and the security reports and benchmark summary were produced within a few hours of completion of the Scan.
You may be interested to know that to date, SekChek has analysed 60 million user accounts and 20 million security groups on systems belonging to many of the world's largest and best known organisations.
Some other interesting statistics are:
- 35 million network attached Servers and workstations
- 6 million Windows services
- 150,000 locally attached disk drives
- 150 million DACLs
- 1 million hot-fixes
In short, there is no limit to the size of system that SekChek can analyse.
Does SekChek provide other security tools and utilities?
Yes, SekChek offers several free security-related tools, such as:
- SekCrypt (TM), an industry strength file encryption / decryption utility. SekCrypt is fast and uses robust, state-of-the-art encryption algorithms, such as AES and RSA
- A tool that queries 'hidden' Active Directory properties on security accounts. Examples are the date/time that an account was last used to logon to a system and an account's unique SID or GUID. The tool will query all domain controllers to obtain accurate values for properties that are not replicated across DCs by the Windows OS
- A utility that resolves SIDs to their friendly names and finds orphaned SIDs defined on files and directories in NTFS
- A file hashing function that is useful for confirming whether the contents of a file have been changed
- A 'Ping' utility for testing connectivity to other systems and domains on your network
These utilities are embedded in the SekChek Classic and Local software.
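The file hashing function in the list above is used to confirm whether a file's contents have changed. The following added example (not SekChek's utility) shows the usual way that check is put to work: record a manifest of SHA-256 digests for a directory tree, then verify the tree later and report which files changed, disappeared or appeared. The sample files and their edits are constructed inside a temporary directory so the example runs offline.

```python
"""Hash manifest for detecting changed files.

Added example, not SekChek's hashing utility.  build_manifest() records a
SHA-256 digest per file; verify_manifest() re-hashes the tree and classifies
every path as changed, missing, new or unchanged.  The files and the edits
made to them in demo() are constructed for illustration.
"""
import hashlib
import tempfile
from pathlib import Path
from typing import Dict, List


def hash_file(path: Path, chunk_size: int = 1 << 16) -> str:
    """SHA-256 of a file, read in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> Dict[str, str]:
    """Map each file under root (relative POSIX path) to its SHA-256 digest."""
    return {
        p.relative_to(root).as_posix(): hash_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_manifest(root: Path, manifest: Dict[str, str]) -> Dict[str, List[str]]:
    """Compare the tree under root against a previously recorded manifest."""
    current = build_manifest(root)
    return {
        "changed": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "new": sorted(k for k in current if k not in manifest),
        "unchanged": sorted(k for k in manifest if k in current and current[k] == manifest[k]),
    }


def demo() -> Dict[str, List[str]]:
    """Build a constructed tree, record a manifest, alter the tree, then verify."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n")
        (root / "app.exe").write_bytes(b"MZ\x90\x00constructed-binary")
        (root / "notes.txt").write_text("baseline\n")

        manifest = build_manifest(root)          # the recorded baseline

        # Constructed changes since the baseline: one edit, one deletion, one new file.
        (root / "etc" / "hosts").write_text("127.0.0.1 localhost\n# edited after baseline\n")
        (root / "notes.txt").unlink()
        (root / "dropped.dll").write_bytes(b"constructed-new-file")

        return verify_manifest(root, manifest)


if __name__ == "__main__":
    for category, paths in demo().items():
        print(f"{category:<10} {paths}")
```

A manifest is only as trustworthy as its storage: keep the recorded digests somewhere the scanned system cannot rewrite them (off-host, or signed), otherwise an attacker who alters a file can simply update its baseline entry as well.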