Organizations spend considerable time and money to establish security policies and practices. These policies include procedures to measure compliance and one of the most important tools in their arsenal is the security audit.
Auditors can be either internal staff or external service providers, but their purpose remains the same: to gauge compliance with internal policy and, potentially, with external regulatory requirements. An audit is a technical assessment, a snapshot of how security policy is actually being enforced. The review will likely uncover some compliance gaps. This shouldn't be viewed as a negative, but as an essential part of the process.
An audit is wide reaching and involves many resources, both technological and human, so management should ensure adequate time is allocated by key participants. Auditors perform their work using a variety of tools and processes, some manual and some automated. Since the first thing you need to determine is the size and contents of the network, you typically begin with a site survey.
This will provide a thorough technical description of the network, hosts, connections, and the like. Next, you should review previous findings or historical data if it is available. Don't overlook the importance of this data, as it can provide valuable insight into lingering vulnerabilities.
The data gathered should be compared against the corporate security policy to measure compliance. Audit times vary from a week to as long as a month. Following the review, a final assessment report should be prepared. This report will detail findings and include the conditions tested, the criteria used, the outcome, and recommendations.
This report is a powerful tool, one that should be used to adjust system settings or update corporate policy. Auditing should be seen as an integrated, recurrent task, essential to ensuring the security of your enterprise network.
This guest post was provided by Veronica Henry on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information about GFI network auditing software can be found at http://www.gfi.com/lannetscan/network-auditing-software.htm