A common opinion amongst security professionals is that the main security risk to an organisation's network is from malicious internal users. Whilst this opinion is often contested, a trusted internal user generally has greater opportunity and a larger potential target area for attack than an attacker outside the network's perimeter.
Most organisations employ multiple levels of authorisation for systems and domains within the network. These levels range upwards from guest users to administrators and often include users with multiple roles. There is a need to ensure authenticated users are only able to access the data they require to fulfil their role and are restricted from accessing unnecessary areas. The use of multiple levels of authorisation should be designed to restrict a malicious, authenticated user from escalating their rights and thus gaining privileged access to sensitive systems.
An Internal Infrastructure Assessment analyses the restrictions in place and the rights granted to the different levels of authenticated user. The Portcullis Team will attempt to overcome the restrictions placed upon them to establish their effectiveness in enforcing security policies.
Internal Infrastructure Assessments also provide assurance of the resilience of internal systems to generic network traffic by analysing systems for known vulnerabilities and common misconfigurations within the network services they provide.

