Skip to navigation Skip to search Skip to content

Leuchter IT Cyber Security Audit

Get an overview of your IT security situation, its weak points and corresponding optimization options

00_Cyber-Security-Audit 720x480

The Leuchter IT Cyber Security Audit helps to assess and optimize an organization's IT security posture and reduce risks, regardless of whether it is an on-premises, hybrid or pure cloud environment. The audit is based on a collection of best practices and recommendations that can be implemented in an IT infrastructure to ensure optimal security.

To the offer

Why choose the Leuchter IT Cyber Security Audit?

More and more companies are falling victim to cyber attacks. Many do not know what the status of their IT security is and which investments are sensible or necessary. This leaves them unprotected against attackers.

With the help of the audit, companies receive an ACTUAL analysis of their IT security and important vulnerabilities are uncovered.

The identified vulnerabilities and recommendations from the Leuchter IT Cyber Security Audit can be settled independently with the help of the existing IT partner. The components can be planned, prioritized and implemented independently by the customer. We strongly recommend repeating the process annually to ensure an optimally protected network. By repeating the process annually, the Leuchter IT Cyber Security Audit thus fulfills all processes of the Deming Circle (also PDCA cycle: Plan, Do, Check, Act).

What does the
Leuchter IT Cyber Security Audit comprise?

The Leuchter IT Cyber Security Audit is a collection of over 280 checkpoints distributed over 30 modules. The checkpoints are evaluated according to their characteristics: cost, impact user or administrator, maturity level component, complexity, recurring, dependencies, relevance.

In order to be able to show an initial overview of cyber security as quickly and straightforwardly as possible, we conduct the audit in two phases. The first phase already identifies potential weaknesses and opportunities for improvement.

Only after the Basic Phase has been completed, the scope of the next phase, the Advanced, can be estimated. An implementation is optional and can also be scheduled for a later date.

To the offer


Analysis with recommendation

With the help of the results of automated scans, targeted manual checks and questions, vulnerabilities and misconfigurations are uncovered and presented in the Leuchter IT Cyber Security Audit.

The customer receives an evaluation of the analysis with recommendations, including a dashboard. Based on the evaluation, the customer can implement the recommendations independently or with the help of a partner in their own company in order to increase IT security.


Your advantages with us at a glance:

Carefully selected test points, which specifically reveal current, known and less known weaknesses

Standardized, pragmatic and goal-oriented approach, which can be adapted as needed

Partially automated scanning process

Adapted and realistic recommendations for improving cyber security

Many years of experience in the field of cyber security

Permanent further development and adaptation to new findings

Leuchter IT Cyber Security Audit Procedure

1. Planning and clarification of scope

The first step is to clarify the implementation with the customer in a discussion. The customer should provide a contact person for before, during, and after the audit. In the first meeting, the scope of the Leuchter IT Cyber Security Audit is defined and where the focus should be set.

In the initial meeting, the contact person already provides a first rough overview of the IT environment and how it is structured. This is followed by a definition of the period in which the audit is to be carried out.


2. Survey directly on the system

In the second step, the Leuchter technician checks the servers or clients provided. The test objects are scanned using the Azure Automation Desired State Configuration software. The current state of the infrastructure is checked and the configuration is added to the Leuchter IT Cyber Security Audit. Leuchter IT Solutions AG requires the test objects provided for this purpose.


3. Interview with IT managers

After the analysis directly on the system, further security components are discussed with the person responsible for IT security in the company. In particular, the components that could not be detected by means of automation are discussed. In addition, the implementation status of some components is checked.


4. Handover and discussion evaluation

In the final step, the Leuchter IT Cyber Security Audit is evaluated and handed over to the customer. In the process, the Leuchter employee develops solution proposals for the deficiencies found. The test objects can be released again and Leuchter no longer needs access to them.

During the handover, the catalog of measures including the results and recommendations is discussed with the customer (online or on site). After handover of the document, the customer has the option of implementing further components independently or with the help of Leuchter IT Solutions AG.


Costs and packages:
Leuchter IT Cyber Security Audit Basic

The costs listed below are one-time and per audit. An audit includes all the steps listed above.
  • Small

    CHF 2'500

    • 5 Windows devices
    • Unlimited user accounts
    • One firewall, switch, WLAN AP each
    • 1 Backup Target
    • Microsoft 365
    • 3 Applications
    • 3 known vulnerabilities
  • Medium

    CHF 3'500

    • 10 Windows devices
    • Unlimited user accounts
    • 2 Firewalls, 5  Switches, 5 WLAN AP
    • 1 Backup Target
    • Microsoft 365
    • 5 Applications
    • 5 known vulnerabilities
  • Large

    CHF 4'500

    • 15 Windows devices
    • Unlimited user accounts
    • 3 Firewalls, 10 Switches, 1 WLAN
    • Controller
    • 1 Backup Target
    • Microsoft 365
    • 10 Applications
    • 10 known vulnerabilities

The following is a selection of points that the
Leuchter IT Cyber Security Audit Basic checks for selected endpoints:

Windows Devices

Random samples of Windows endpoints are used to verify that they meet the minimum requirements. These include, among others:

  • Versions used
  • Patchlevel und Concept
  • Antivirus installation and configuration
  • Local firewall configuration
  • Extended protection via group line configuration
  • Browser Hardening
  • Encryption of locally stored data
  • Protection of the local hardware configuration

User account

  • Password guidelines
  • Admin Group Memberships
  • Control authorization concept according to recommendations

Network Security

  • Basic firewall configuration and lifecycle status
  • Basic network zone concept and switch configuration
  • Basic WLAN configuration and lifecycle status

Microsoft 365

  • Basic configuration Microsoft Tenant
  • Concept for cooperation with external parties

Data backup

  • Backup and Recovery Concept
  • Monitoring and assurance

Software in general

  • How are applications patched?
  • Vulnerability scanning base to identify for known software vulnerabilities

Do you have any questions? 

Get in touch with us. Together we will find the perfect offer for your company.


Personal consultation

A team of various professionals will take care of your inquiries concerning the topics IT infrastructure, organisation, communication and co-operation in the modern business world. Please consign your questions and messages to our team. A proven expert in these topics will contact you.
We look forward to your inquiry!

To the contact form
Team IT-Infrastruktur

Team IT-Infrastruktur

Beiträge zum Thema IT Sicherheit

Wissen ist Macht! Vor allem in der Prävention von Cyber-Angriffen. Informieren Sie sich deshalb in unserem Blog.