Whitelisting

Background
A whitelist explicitly allows e-mail messages or access to your network, web application, or other IT related assets. Without whitelisting a specific sender, you may not receive important e-mail messages.  In addition, some security audit penetration tests include an evaluation of systems without the auditor whitelisted and a second evaluation with the auditor whitelisted.  The purpose of the whitelisted audit is to identify an organization's risks if an intruder or attacker gets past the initial security protection boundary.

E-mail Whitelisting
Altius IT recommends that organizations whitelist our domain name altiusit.com.  This ensures that our prospects and clients receive important e-mail communications related to the project scope, proposals, project related communications including Worksheets, and report deliverables.

Audit and Penetration Test Whitelisting
In most instances, you do not need to whitelist Altius IT's addresses for our audits and penetration tests. This allows us to provide our clients with a "hacker view" of vulnerabilities.

Whitelisting Process
The steps needed to whitelisting e-mail, networks, and web applications vary according to the environment, type of equipment and software used, and hardware and software versions. In addition, some organizations may have their infrastructure hosted internally while others use external or outside cloud services. Altius IT recommends that you contact your IT support or service provider and ask them to whitelist Altius IT (altiusit.com).

Summary
Security audits and penetration tests are important processes that help organizations manage their security risks.  Whitelisting Altius IT's domain name (altiusit.com) helps ensure that you receive important communications and reports from Altius IT.  On some engagements, Altius IT's network addresses need to be whitelisted.  Please contact us for our current list of network addresses used in our audits and penetration tests.