security is not a product, it’s a process
-Bruce Schneier, security guru
Networks are dynamic threat magnets.
Networks grow, shrink, change and divide themselves continuously.
A network security audit is a checkpoint to determine if security policies and management is working effectively and to identify any deficiencies that put the company at risk of a security breach.
Networks are rarely entirely under control
Users add devices and sometimes even new hardware to the network infrastructure. Even worse, users will install software they need without informing the administrator if they are able to.
These activities can have drastic repercussions on network security.
Even network administrators cannot assume this process is entirely under their control.
Network administrators need to perform regular network auditing and monitor any changes to the pre-set baseline to protect the company.
MobileCorp network audit managed service
MobileCorp offers a network audit managed service as part of its unified security management capabilities.
A MobileCorp network audit will cover the following five steps:
- Step 1: Define the security perimeter
- Step 2: Review current state
- Step 3: Identify and assess threats
- Step 4: Formulate automated responses and remediation action
- Step 5: Network audit report
The first step in the auditing process is to clearly define the scope of the audit. For most companies this will include all software, devices and machines, both managed and unmanaged, in all locations to define the security perimeter for the company.
Managed devices will be a list of computers, machines, devices and databases that belong to the company directly, which contain sensitive company and customer data. If there are BYOD policies or IoT connected devices and machines, as well as contractors and visiting guests, the unmanaged segment of the audit should provide visibility of all these connected endpoints.
Finally, the security perimeter must include define a software perimeter – what is allowed and not allowed; and the scope should include all access layers – wired, wireless and VPN connections.
The audit will review the current state of the network policies, processes and security management programs. It will make sure that all connected devices have the latest security patches and malware protection. It will also include:
- Security Policy Review
MobileCorp will review all security policies and procedures to validate whether technology and information assets are effectively protected. For example, who has access to what, and do they really need that access?
- Security Architecture Review
The architecture review analyses the actual controls and technologies that are in place. This builds off of the device & platform identification process to give an in-depth analysis.
- Firewall Configuration Review
MobileCorp will review a firewall’s topology, undertake a rule-based analysis, and audit management processes/procedures, and configuration. We will also evaluate the policies for remote access and check to see if the firewall is up to date with the latest patches.
- Risk Assessment
MobileCorp will undertake a number of assessments to characterise systems (process, application, and function), identify threats, and analyse the control environment to determine what are the risks and their potential impact. This information is then used to prioritise the fixes from the biggest threat that is easiest to remedy to the smallest threat that is the hardest to fix.
- Penetration Testing
A penetration test is “a kind of stress test” for the network’s security architecture. MobileCorp will try to “break” the security architecture to find and fix previously undiscovered issues.
MobileCorp will review the established security management program including automated responses and remediation plans to analyse whether it can defuse any threat that is discovered.
Processes designed to eliminate the risks identified could include:
- Network monitoring
- Software updates
- Data backups and data segmentation
- Threat detection and defence
- Disaster recovery
- Employee education and awareness
MobileCorp will deliver a Network Audit report that will outline the methodology of the audit, penetration testing results, identified threats or breaches, and recommendations for remediation.