xxxx Often Administrators & Managers may assume that once the network has been working and serving the organization users their work is considered as done! Changes in technology & business making are forcing us to adapt to these changes and provide solutions that are costly reasonable but not punching holes in our security. You may find that during these changes, additional components have been added but may compromise security; therefore revisiting the network design along with new requirements is needed.

The Process

 

 

Some Area to Look For

  Is Your Firewall Protecting You Effectively?

Check your rule-set for too open rules that include unneeded services or destinations

Enable audit trail

Update Firewall Firmware

Who IS Accessing Your Information?                 Information is located all over your systems; servers and users’ workstations. Is Your Wireless Network Secured?                 Set password with encryption                 Filter MAC address                 Use LDAP authentication                 Use zones where guests will get strict destinations

Enable audit trail

Do You Have Security Policies In Place?

        Establish password policy

IT & Security – Encryption Policy

IT & Security – Firewall Policy

IT & Security – IT – Change Control Policy

IT & Security – IT – Use of Encrypted USB Flash drives

IT & Security – IT -Emergency Incident Response

IT & Security – Physical Security Policy

IT & Security – Records Retention and Destruction Policy

IT & Security

Access Control and Use Policy

IT – Logging Policy

Security – Records Retention and Destruction Policy

Technology & Security – IT – Asset Management Policy

Do You Have a Database Internet Facing?                 Set rule to allow ports 80/443 to the webserver                 Set rule to allow database port 1433 from webserver to database server                 Harden Database server configuration                   Harden Web server configuration

Don’t Know What to Do? Talk to Us!