HOME

TheInfoList



Click Here for Items Related To - SekChek Local
OR:
SekChek Local on:   [Wikipedia]   [Google]   [Amazon]

SekChek security audit and benchmarking toolset dating from 1996.


History

SekChek was formed by two former auditors from
Deloitte and Touche Deloitte Touche Tohmatsu Limited (), commonly referred to as Deloitte, is an international professional services network headquartered in London, England. Deloitte is the largest professional services network by revenue and number of profession ...
in 1996. The toolset was a set of automated processes to analyse the logical security profile of a computer. The concept and initial version of SekChek was brought to Deloitte South Africa by Gordon Docherty and Jose Masson, who collaborated on the product design and deliverables with Chris Little CISA, CISSP from Deloitte's Computer Assurance Services Division in Sandton, South Africa. The first version analysed the control parameters for AS/400 systems. While the concept was good, the main concerns at the time were that (a) the clients had to send their operating system security files off-premise to SekChek for processing, and (b) the generated reports highlighted every parameter that wasn't in line with SekChek's world view of best practice. This led to reports of hundreds of pages being produced, with minimal prioritisation of the parameters to fix. Over time, these reports became more concise and user-friendly. On 20 March 2018 SekCheck's website gave notice operations would cease on 31 May 2018. Reasons cited included SekCheks' business model being less relevant to the business environment in 2018, a surge in compliance and regulatory requirements including
GDPR The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law, in partic ...
and monetary difficulties due to losses with the insolvency of a credit-card processor.


Products

The SekChek ''Classic'' product gathered information on a host which would then be sent encrypted to SekChek for report processing and enable checking security policies had been correctly configured. This originally worked on AS/400 but the number of platforms were extended in the next two years to encompass ed to Windows, Netware and Unix. Reports anonymously compared machines against the average from similar industry computers. The company introduced the ''Local'' version of its product in 2008 which avoided the need send data off-site. For windows there was a utility to specifically audit the Active Directory (AD) at domain level rather that at server level which was analyzed by the SAM tool.


Reception

The product was initially marketed as a ''security evaluator'' and was noted for providing comprehensive reports of the security vulnerability of a computer system.


References

* * * {{Dead link, date=November 2018


External links


SekChek Home Page
Computer security software Information technology audit Computer-aided audit tools Data analysis software