What is Involved in an IT Security Audit?

Companies are increasingly foregoing IT security audits, with the belief that these audits are unnecessary. But neglecting security audits can be suicide for a business. Just one breach can cost millions of dollars, leak valuable corporate information, or destroy the reputation of a company. Hackers, identity thieves, cyber terrorists, and corporate espionage are real, and security breaches are happening on a grand scale all over the world. Here is what a good IT security audit ought to look like.

Identifying Vulnerabilities in the Network
There are three vulnerabilities when it comes to your network: the access points, the user availability, and the data interception. Most IT specialists focus totally on the access points, and tend to neglect other network vulnerabilities. The access point is a primary concern, as this is the point at which the network allows user access, and outsiders can deliver malware or intercept data. However, this is not the only vulnerability that a good audit will examine.

The availability of the network is important to a security audit because a lack of availability interrupts the flow of business. Availability is most vulnerable when branch offices or remote workers are scattered across the country or the world.

Data interception is when an outsider is able to steal or modify data as it is transmitted across the network. In addition to data theft, companies need to be aware of the potential for data to be corrupted, destroying the integrity of the information.

Controlling Vulnerabilities In The Network
A good audit doesn't just identify vulnerabilities, it offers solutions for controlling those vulnerabilities. In the case of access points, good control measures include programming code that only allows for certain types of traffic, a properly configured firewall, intrusion detection measures, and solid, up-to-date anti-malware.

Controlling network availability is a matter of including multiple redundant paths, so the system is assured of a clear and unblocked pathway. Monitoring and managing the system is also critical for maintaining availability.  Controlling data interception includes both physical security controls and a high level of data encryption. Encryption can be done by one of the network devices, such as the router or multiplexer, or by the applications.

The Process of a Thorough IT Security Audit
In order to identify vulnerabilities and establish controls, the auditor needs to get a comprehensive look at the entire network. This includes identifying the expanse of the network, both onsite and across geographical boundaries. An IT Security Audit should include a thorough examination of the data assets handled by the network, and identify who exactly has access to that data, and how. Audits should include a look at all connections to external networks, as well as the protection mechanisms already in place.

Carlos Coutin is Financial Services Technology Strategist at Envision Consulting, He is passionate about RIAs and entrepreneurship, something that led him in his quest to advice people like him, who want to make the best possible tech decisions without stress and with intelligence. Visit his website at www.envision-consulting.com. You can email Carlos at: ccoutin@envision-consulting.com and follow him on Twitter @carlos_coutin.

comments powered by Disqus