Security Audit

INTRODUCTION

Digital business models provide many benefits but they also bring new challenges. Securing your organisation is becoming more difficult as you move workloads to the cloud, become more mobile and connect more devices to the internet. At the same time, cyber attackers are identifying new vulnerabilities to exploit and using more sophisticated techniques. 90% of large businesses had a security breach in 2015, and 66% of small firms have been a victim of cyber-crime in the last two years. Our Security Audit identifies security risks and vulnerabilities in your infrastructure and deviations from best practice. We provide you with a detailed report setting out our findings and recommendations for re-mediating the risks identified. The audit provides a comprehensive series of security checks. These cover your firewall configuration, firewall rule-base and an assessment of firewall vulnerabilities. They also include an external vulnerability scan and an audit of security policy compliance on domain and local machines. In addition, we provide extensive supporting information including asset discovery and configuration reporting for servers and workstations, network diagrams, user controls in place and more.

Our audit report covers the following:

1. Risk Report

• Executive summary of our findings

• Identified risks in order of severity and recommendations

• Security architecture observations and recommendations based on our understanding of your business

2. Firewall Assessment Report

• Best practice security audit, identifying risks in order of severity and recommendations

• Vulnerability audit, providing details of known software vulnerabilities and recommendations

• Rule optimisation audit, covering network filtering rules and objects, highlighting unused objects, overlapping or contradictory rules, group recursion and disabled or unused rules

• Configuration audit, showing device configuration and settings

• Supported firewalls include Cisco, Check Point, Juniper, Fortinet, Palo Alto, Sonicwall, Sophos, McAfee/Forcepoint and Watchguard

3. External Vulnerability Scan Report

• Output of security issues, warnings and advisories from an external vulnerability scan

• Prioritised list of issues by CVSS and recommendations

4. Security Policy Assessment Report

• Overview of domain and local machine security policies

• Policy compliance report and recommendations

• Summary of issues detected based on industry best practice and recommendations

5. Supporting Information Reports

• Asset discovery audit report, including workstation and server configurations and settings

• Network site diagram listing discovered devices, showing network structure and configuration information

• Analysis of user controls in place enforcing content filtering

• List of accessible ports and protocols and exploitable protocols in use

• List of computer login failures

• Physical observations for the site location attended

How long will the audit take and what do you need? As a guide, the scanning and data capture process of the audit, for an environment of 500 endpoints, typically takes 2-3 hours to complete. External vulnerability scanning will take approximately 2 hours, depending on the scope of the scan. Scanning and data capture is non-service affecting and can be performed in or out of hours depending on your preference. The tools are used when onsite and remotely, for which temporary VPN access will be required. Our consultants work closely with your IT team to ensure all required prerequisites are met  prior to any activity commencing, thus ensuring smooth operation and delivery of the engagement

 

If you have not had a security audit in the last two years, we would recommend conducting an audit, or if you are unsure of your risks and would like to speak to a specialist, send us a message and one of our team will be with you shortly.