Internet/Network Security/computer/internet security
I am a self-employed contractor. I assess individuals for stability and emotional/mental health, then I email the report to the company I contract with. It's very confidential information.
I am interested in finding out how secure my computer and internet connection is. What kind of questions would I ask a company that assesses these things and how would I go about finding such a company?
Good morning Robin, I hope that I will be able to satisfactorily answer your question. I applaud your concern over such information being sent over the internet. From the perspective of your internet connection, if it is a commercial connection, i.e. Cox cable, FiOS, or something similar you are not likely to get very far in having a security audit done. It's very likely prohibited in their terms of service, and really, shouldn't be a concern. You are correct however in being concerned over your computer. From that perspective, I would ensure that you have a firewall installed and enabled and blocking access from external networks on all ports (unless you have additional requirements). Also, I would ensure that you have anti-virus and anti-malware both installed and maintained (kept up to date with definitions). If you're very paranoid about someone having access to the files while on your computer, I would also recommend using some sort of file or disk encryption. Of much more concern to me would be the e-mails that you are sending. I don't know your particular circumstance, but if you use some sort of webmail solution, you should at a minimum be using strong SSL/TLS encryption on the connection. Ideally, you would be using a VPN to connect to the company you're contracting with, and using encryption on the e-mails so that only the intended recipients may open them.
In regards to having the audit/pentest done, I would say it's not likely required as long as you have the firewall and anti-virus/malware software installed and you keep your computer up to date with the latest patches for the software you run. However, if you are adamant that you want someone to audit your PC/Internet Connection, these guys are top-notch http://www.offensive-security.com/
. There are also others of course, and a quick Google search for IT Security Auditing or Penetration Testing should yield the results you're looking for.
I know this is a fairly in-depth technical answer, so if you require any further clarification, don't hesitate to contact me again.