IT "MOT" - What is the purpose?

When you take your car for an MOT the resulting certificate issued is quite understandable, it explains whether or not your vehicle is in a suitable, roadworthy condition.

Unfortunately to a large percentage of clients, the reports they receive do not sufficiently explain whether or not their systems are suitable, instead they have to rely on their interpretation of the results, which is usually where issues arise.

The use of "MOT" like certifcate can aid in simplifying the assessment results for clients who may not have a complete understanding of:

  • Whether they are at risk
  • Which issues definately need remediation
  • Which issues are unimportant

While the conventional "traffic light" system for risk ratings may make sense to technical people, it often can lead to confusion with non-technical personnel. CQrity Limited believe by simplifying this process further, it will help clients gain a more in-depth understanding of the risks, while not removing any value from the technical reporting.

The use of basic "MOT" style certificates allows clients to see if the assessment has resulted in a 'pass' or 'fail', yet still provide further information regarding how they could further improve their security posture.

What benefits do we gain from this format?

CQrity Limited believe the following benefits will be gained from using this reporting format:

  • A report you are able to provide to your clients, without divulging to many technical details
  • A clean, simple to understand "certificate" based report
  • A report which can be produced quickly when you need proof to show due diligence or compliancy to prospective clients
  • A simple, easy to understand format

But why compare IT Security to a MOT test?

We're glad you asked that.

When you break things down into the lowest common denominator, looking after your IT Security is no different to looking after a car. Each part of your car needs to be maintained in order for its passengers to be safe. Using this analogy, we can then map the parts of the car, or test, back to IT equipment, for example, the engine could be thought of as a server, as this is what "powers" your web site / network. Other similarities can be drawn too: ul>

  • Exhaust & emmissions = Information leakage
  • Registration plate / VIN = Authentication
  • Alarm - Intrustion Detection System
  • Immobiliser - Intrusion Prevention Systems
  • Doors - Access control
  • Seat belts - User segregation
  • ECU & Dashboard - Alerting/Monitoring
  • These are just a few similarities, however a lot more can be drawn if you spend more time thinking about it.

    Does this replace the standard report we usually receive?

    This style of information presentation is not intended to replace our standard reporting format, instead clients will receive both versions, the report format they are currently used to, and the new style of report. CQrity believe that these reports compliment each other, resulting in multiformat presentation medium which will help clients improve their security posture. There is also no extra charge for reporting in this format.

    Want to sample this for FREE?*

    CQrity limited is also offering this as a free* service to new clients. The assessment is limited to 3 IP Addresses, and/or a basic website. If you are interested trying this service, and seeing how CQrity Limited can help your company, contact us today - info@CQrity.co.uk / +44 01535 872 873

    * Terms & Conditions apply: Limited to 3 IP addresses and / or one basic web site. One basic assessment per company, and where companies have multiple holding / parent companies only one per group. Company must seek and provide evidence that sufficient permission has been sought from hosting company or any third party, or be able to show they own the assets and authorisation must be provided by a director of the company. CQrity Limited reserves the right to refuse to perform any assessment. By contacting CQrity limited for the purpose of this offer, you are hereby agreeing to opt in to future correspondence, including sales calls.