network security audit
What is a Network Security Audit?
A network security audit ensures that an organization’s network security performance is closely monitored and kept to the highest standard. Various kinds of network security audit features already exist in all modern computing platforms, such as security event logs or journals of database activity, but these are not enough to keep you ahead of the game. An effective audit leaves you safe, secure and risk-free.
A network security audit should include a full investigation of your entire network topology with analysis of both internal and external data flow, security policies and compliance standards. All of this should be provided with appropriate tools that allow various levels of resilience testing and mock attacks, ensuring the highest possible level of protection and peace of mind.
Why is this important to my business?
The cat and mouse struggle between businesses and hackers with malicious or criminal intent is a constant battle.
90% of companies in business today have been victim to cyber crime (ComputerWorld)
$1 trillion dollars per year is lost globally to companies’ intellectual property, fraud and damage (ABC News)
30,000 websites are hacked every single days (Forbes)
Most alarmingly, the average time between a computer resource being compromised and that compromise being detected is 156 days (stopthehacker.com). Can your business really afford those sort of openings in your infrastructure? Keeping up, getting ahead, staying secure, is the only way to prevent those holes from opening up. The facts demonstrate that your company will fall foul of some sort of hacking threat in the near future. Smart businesses are auditing and protecting before this becomes a reality.
Every organization should perform regular and routine network security audits to ensure their data and assets are efficiently protected. An audit of your business enables the investigation, targeting and neutralization of chosen trends and specific security incidents, both inside and outside of your field. The end result is the assurance that you are efficiently protected against whatever is thrown your way, resulting in happy staff, customers, and board members.
Compliance Audit Requirements
This isn’t just important from a protection point of view either. Across all industries and in companies of all sizes, meeting compliance audit requirements is an integral part of maintaining high standards. Different types of business require different regulatory boxes to be ticked. Just a couple of examples: financial services companies are required to ensure that any transaction information is secured and backed up with a reasonable disaster recovery infrastructure; healthcare companies that store or transmit personal health records are accountable for portability and accountability requirements.
However, it is no longer just large enterprises or public services operating in more regulated industries that have compliance standards. Companies, large and small, not adhering to these standards are simply being left behind.
The Data Protection Act, Regulatory Of Investigatory Powers Act and various ISO standards are examples of important compliance requirements for a modern business.
How can activereach help me?
activereach has dedicated Security Audit professionals, enabling us to provide a highly flexible, efficient and cost-effective approach to auditing and securing your business.
A Security Audit from activereach will provide you with an experienced technical consultant who will visit your nominated site and carry out a full investigation, with a consultation session prior to the visit to ensure you get the maximum benefit from the visit.
The investigation will include, but not be exclusive to:
- Checking the external Internet router topology and configuration
- Checking branch office routers or firewall configurations
- Checking VPN configurations between head and branch offices
Best Practice design will ensure that your Internet access is robust
Checks on the configuration of devices will provide recommendations for improved security and simplified management. Software on the routers and firewalls will be audited to check for security holes or issues that need to be addressed.
Checking VPN configurations between teleworkers and the head office
Providing secure access is more than just handing out VPN software and passwords to your remote users.
Checking traffic use to look for malicious or non-business related activity
Scanning of LAN traffic as it leaves and comes into the head office network for anomalies. A network protocol analyser will be used to inspect the traffic and to highlight issues in real-time.
External port scanning (requires time offsite)
This outline scan of the externally accessible network addresses of your security perimeter will highlight vulnerabilities which require your attention.
Physical security issues
There are often many simple changes that can be made to secure the physical and network assets of the company.
Wireless deployment security
The audit will check the configuration and location of wireless access points against best practice security settings.
Advice on decreasing external risk
Threat mitigation helps divert attention away from your business in the same way as a physical alarm.
Assessment of suitable outsourced network services
If you are able to locate services outside your network, then you reduce the risk to your network. Whilst not every business process is suitable for external delivery, there may be services which reduce your risk and network bandwidth, whilst increasing your ability to provide support and functionality to your users.
Hardware support review
Budget limitations may squeeze what you can add to the network but that makes support of your current infrastructure paramount if the business is to increase profitability.
Resilience Testing & Mock Attacks
Currently, only a handful of companies in the UK are offering this service as part of their Network Security Audit package, which is surprising as this is arguably the most important element.
Both malicious and criminal DDoS attacks are on the rise. No longer is this just a concern for huge corporations or political organizations. Over 7,000 DDoS attacks are reported every single day and a lot of these reports are from much smaller companies than you might expect. In the region of 20% of all machines on the Internet have been compromised as “bots” at one time or another. Downtime can last hours, sometimes days, losing your business tens, even hundreds of thousands of pounds. Even share prices have been known to be affected by these attacks.
The figures are staggering. DDoS attacks are available for hire for as little as a £100 a day. The threat should be taken seriously, meaning proactive strategies are required rather than waiting to be hit. For any company that requires guaranteed levels of Internet availability and a secure network, DDoS protection is rapidly becoming a must have service.
activereach provides realistic DDoS testing of company network resillience and simulation of DDoS attacks. Serving federal and Fortune 500 customers, we can ensure that your security and staff operate to the highest level of awareness and are ready to perform efficiently during any level or variation of attack.
During a targeted DDoS attack on your business, many different layers, areas, and devices on your network may be severely affected, even brought down completely. You need to make sure that when under attack and the chaos ensues, that everyone knows what to do and how to swiftly and efficiently return to a normal working state.
We will help validate your team’s response plans by working at some keys areas:
- What monitors do you have and what attack vectors are they monitoring?
- How long will it take your system to provide confirmation that a DDoS is definitely in progress?
- Is your alerting system accurate and detailed enough?
- Who are the key members of staff who need to be available when an attack is confirmed?
- Who is responsible for activating the mitigation?
- How long does that activation take and just how effective is it?
- When the mitigation is in place, do all of your systems and work flow function correctly?
- How long do your mitigation and prevention methods take to fend off different types of attack?
Our DDoS testing platform can simulate a plethora of different scenarios and attacks. With access to and full visibility of the control panel, you are provided with real time control of the simulations and real time metrics. You can adjust various different parameters with the click of a button and see how your network reacts in real time as if the attack were real.
Make sure that your systems and people are ready!