IT Health Checks

Penetration Testing Services

An IT Health Check is a necessary step for public sector organisations wishing to access the UK Government’s Public Services Network. Establishing the security level of those organisations in order to maintain the safety of the network.  

ITHCs aim to verify protection against unauthorised access or changes in external systems and confirms no internal weaknesses that could compromise network or system security. 

What are IT Health Checks?

An ITHC stands for "IT Health Check". This is a report required by the PSN compliance process and aims to provide assurances that an organisation’s systems are adequately protected from external access, thereby ensuring they do not provide unauthorised entry into the PSN and its services.  

The ITHC is a report created from various tests and outputs, including external tests of email and web servers and firewalls, as well as vulnerability scanning, device configuration analysis, wireless network scanning and gateway configuration. Penetration testing can be applied to ascertain the integrity of defences.  

The scope of the report will vary across different types and sizes of organisations, and a qualified ITHC partner will work with you to determine worthwhile exercises to provide the correct level of assurance.  

Why are IT Health Checks important?

  • Ensuring PSN compliance: An ITHC is an essential requirement to obtain compliance for PSN access. The report generated will provide an overview of vulnerabilities present in your network infrastructure, and allow you to complete your application.

  • Vulnerability Assessment: While an ITHC is required for your PSN compliance, the report can also serve as an overview of your weak points and vulnerabilities. It will provide you with a list of issues and a remediation plan to better safeguard your business overall. 

  • Preventing Data Breaches: An IT Health Check can serve to generally strengthen your cyber security, using penetration testing methods to determine where you might experience breaches, preventing loss of data, resources, and finances.  

IT Health Checks in Practice

The Challenge

A housing association aims to build a partnership with another public sector organisation to provide tenants with enhanced options and an improved housing experience. To work effectively together, the housing association must access the Public Services Network to create communication pathways.  

The Solution

The housing association engaged an ITHC partner to provide an expert IT Health Check report. Utilising cyber security expertise is essential to produce an appropriate report as part of the PSN compliance process.  

PureCyber was able to scope the appropriate ITHC needs for the housing association and ensure the report provided the correct assurances to meet compliance. The pen testing team carrying out the report also provided wider context of the housing associations cyber defences and was able to suggest robust remediation steps to address weaknesses:

  • Vulnerability Assessment: Identified and offered remediation for network and application weaknesses. 

  • Compliance Audit: Ensured alignment with industry regulations. 

  • Security Architecture Review: Strengthened firewall configurations and access controls. 

The Results

The housing association was able to complete the PSN compliance process.  

  • Vulnerabilities in the network were remediated and tenant data was safeguarded.  

  • The value of more comprehensive cyber security policies and more regular testing was demonstrated to senior leaders at the company.  

  • Improved cybersecurity posture and regulatory compliance readiness. 

Team of experts 

PureCyber’s pen testing team has a wealth of experience working closely with various types of businesses. 

PureCyber IT Health Checks

External Testing 

Experienced pen testers will evaluate internet-facing systems like email servers, web servers, and firewalls to determine effectiveness of preventing unauthorised access. 

Output Reporting 

Provide detailed reports summarising vulnerabilities by type and severity, offering remediation action plans to match the ITHC criteria.  

Internal Testing 

The team will assess internal systems to determine security of configurations and interoperability, with the aim of identifying vulnerabilities.

Third-Party Access Testing 

Assessing systems with third-party access for potential external connections and establishing their security before use of PSN.  

Remedial Solutions 

Offer solutions for identified vulnerabilities, suggesting both short-term and long-term actions. Remediations to meet criteria and beyond to create a robust cyber security posture.  

Contact PureCyber

Contact PureCyber about IT Health Checks

 IT Health Checks FAQs

  • The scope of each ITHC will differ between organisation, depending on size, operations and other factors. Experienced penetration testing and IT Health Check specialists will work closely with businesses to determine the scope of the ITHC that will satisfy the criteria of the PSN compliance process.  

    There are many types of penetration tests that can be carried out as part of the IT Health Check, including but not limited to: 

    • Network and host configuration 

    • Web application 

    • Wireless network 

    • Client-server application 

    • End User devices such as laptops or mobile phones 

    • Social engineering 

    • Build configuration 

  • An ITHC is a specific report required of public sector organisations looking to connect to the UK Government’s Public Service Network. The report looks at various internal and external tests to provide assurance of adequate network security.  

    For regular testing or a more general cyber security ‘health check’, it is recommended that every business should carry out this type of review on a regular basis if they are serious about implementing robust cyber security protections.  

  • If you have a requirement to conduct an ITHC on your network and/or application, please contact us, call us on 0800 368 9397, or email us at info@purecyber.com.

IT Health Checks as part of managed cyber security subscriptions

Foundation Subscription

  • vCISO is included in our foundation subscription package.

  • Consultancy services provided to you by our expert team.

Core Subscription

  • Includes vCISO as part of our comprehensive cybersecurity services.

  • Consultancy service tailored to your needs is conducted by our experienced team.

Total Subscription

  • Offers complete cybersecurity coverage with vCISO included.

  • Our expert consultancy team conducts thorough assessments aligned with your security goals.

Independent Service

  • vCISO can be requested as a standalone service or a one-off project.

  • During onboarding, our team reviews and customises the consultancy approach to meet your specific requirements.

  • Tried & Tested Cyber Security Basics

    As organisations often become preoccupied with identifying new cyber challenges, foundational security practices can inadvertently become neglected, leading to vulnerabilities that cybercriminals can exploit.

    Get the basics down

  • Managing Cyber Risk In Charities

    At PureCyber we cannot stress enough the importance of adopting robust cybersecurity practices for charities to ensure their sustainability and resilience in the face of evolving cyber threats.

    COMMON CYBER RISKS AND STEPS TO TAKE

  • What is your Cyber Security Posture?

    ‘Posture’ is a buzzword that you don’t want to dismiss. Think of it like your organisation’s immune system – ready to defend against potential cyber attacks and keep everything healthily ticking along.

    How can you fix your cyber posture?