Test University Cyber Security Defences

Home > Services > University IT Security Health Check

University IT Security Health Check

Universities as places of learning depend on the ability to share data but need to do so without introducing undue risk to its data used by students or staff. A University IT security health Check  (ITHC) will provide you with the assurance that your data is appropriately protected.

  • Identify publicly available data with an Open Source Intelligence exercise
  • Identify vulnerabilities between Campus and University Business Systems
  • Assess the risk of a phishing attack
  • Reduce IT risk and address vulnerabilities that could result in data loss

A recent test of UK university defences against cyber-attacks, found that in every case, hackers were able to obtain “high value” data within two hours (source: BBC News).

With more and more personal and sensitive data being held by Universities and Research Centres, these institutions are at an increased risk of attack or a breach.  Phishing attacks are particularly prevalent, with phishing emails becoming more sophisticated and authentic looking.

With many years of experience of evaluating security, penetration testing and conducting red teaming exercises for our clients, Prism Infosec is ideally placed to offer this short and competitively priced University IT Security Health Check.

The service is designed to be delivered in less than a week, with an initial Open Source Intelligence test to identify vulnerabilities in publicly available data:

  • OSINT Assessment
  • Assessment of Campus to University business unit Security (e.g. HR, Finance et al).
  • Architecture Review
  • Simulated Phishing exercise (Up to 300 accounts)
  • Full report with Executive Summary and remediation recommendations
  • Health Check debrief if required

University ITHC deliverables include a report highlighting areas of IT risk identified and prioritised and pragmatic recommendations for reducing this risk.

A further optional on-site debrief of the key findings and recommendations can also be provided, if required, which can facilitate interactive discussion of key points with internal teams.

Email Prism Infosec, complete our Contact Us form or call us on 01242 652100 and ask for Sales to setup an initial discussion.


Frequently Asked Questions

The IT Security Health Check will focus on other areas that may not necessarily be assessed during an Infrastructure or Web Application Pen test. This service is a focussed test which simulates the approach that real hackers may take to compromise your systems.

For the OSINT Assessment, no details or preparation is required. This is essentially a “black box” engagement, where our Consultant will use a toolkit to attempt to find available data, just as a real hacker would.  For the Internal Pen Test element, we may need a few details to enable a smooth and effective test.  For the Phishing exercise, we just require the target email addresses, and potentially a relevant theme for the email content.

Yes, our consultants will work with you to determine areas to focus on. This may mean a separate engagement to the Health Check package.

The majority of the test can be conducted remotely, however there may be some elements that will require a consultant to conduct testing onsite.

request a callback

  • Fields marked with an * are mandatory

  • This field is for validation purposes and should be left unchanged.

Additional services in this category