Whitelisting


Background
A whitelist explicitly allows e-mail messages or access to your network, web application, or other IT related assets. Without whitelisting a specific sender, you may not receive important e-mail messages.  In addition, some security audit penetration tests include an evaluation of systems without the auditor whitelisted and a second evaluation with the auditor whitelisted.  The purpose of the whitelisted audit is to identify an organization's risks if an intruder or attacker gets past the initial security protection boundary.

E-mail Whitelisting
Altius IT recommends that organizations whitelist our domain name altiusit.com.  This ensures that our prospects and clients receive important e-mail communications related to the project scope, proposals, project related communications including Worksheets, and report deliverables.

Audit and Penetration Test Whitelisting
In most instances, you do not need to whitelist Altius IT's addresses for our audits and penetration tests.  This allows us to provide our clients with a "hacker view" of vulnerabilities.

Whitelisting Process
The steps needed to whitelisting e-mail, networks, and web applications vary according to the environment, type of equipment and software used, and hardware and software versions.  In addition, some organizations may have their infrastructure hosted internally while others use external or outside cloud services.  Altius IT recommends that you contact your IT support or service provider and ask them to whitelist Altius IT (altiusit.com).

Summary
Security audits and penetration tests are important processes that help organizations manage their security risks.  Whitelisting Altius IT's domain name (altiusit.com) helps ensure that you receive important communications and reports from Altius IT.  On some engagements, Altius IT's network addresses need to be whitelisted.  Please contact us for our current list of network addresses used in our audits and penetration tests.


Security Blog menu  

Tags: whitelisting | white listing

 


Certified Auditors

Certified Information Systems Auditors
Altius IT's auditors are certified to audit your systems and issue reports and opinions on your security. We help you identify, manage, and reduce your risks. Our comprehensive audit service uncovers gaps in your existing defenses so that you can better:

  • Fortify your network infrastructure
  • Comply with regulatory requirements
  • Protect your valuable assets

For a full list of our certifications please visit our About Us page.