I am a beginner in security. Please help me.
Currently I am doing an internal compliance audit, but I need information on:
How to audit compliance.
How to audit a server.
How to audit a Linux server.
How to audit a router.
How to audit a firewall.
Please send me details on where I can start.
Hi,
About how to conduct an internal security audit of your network: start with a risk analysis. Here are its steps:
1. IT assets/resources inventory, along with high-level and low-level network diagrams (logical and physical topology diagrams), building map, and systems documentation (applications, platforms, all equipment).
2. Shortlist the key data owners, like dept. managers and executives, to find out the most critical resources (biz apps, IT assets supporting them).
3. Assess, along with the relevant manager or executive (especially the CFO, Chief Finance Officer), the business impact of losing each system or key data set.
4. Classify each asset based on its sensitivity and importance, based on point 3, i.e. business impact.
5. Identify and itemize all of the potential threats to each asset (list them in a table and connect them to the relevant asset; for example, PCs can be affected by worms and Trojan horses, all devices may be prone to reconnaissance and access attacks, etc.).
6. Assess the probability of those threats actually coming to bear.
Once you're done with this risk analysis, your actual security audit can carry on with Step 2: Prepare your audit: prioritize, decide objectives, plan the audit procedure and communicate your plans to others (via email, but a meeting is more relevant, along with a PPT presentation).
Step 3: Review policy documents and reports (policies and procedures in place, including the secure access and use of all devices: switches, routers, PIX Firewall, Clean Access, ASA, PCs, servers, ...).
Step 4: Gather people information by talking to staff, interviews, surveys.
Step 5: Testing: review all systems logs, applications running as root, unnecessary apps and services, unauthorized hardware scan on the network, review categories of users based on privileges and roles, check the physical security of all systems.
Step 6: Evaluating your data: analyze all data collected by the automated tools, itemize all application backdoors and loopholes, itemize all areas where security practice does not comply with policy or procedure, label each of your security components.
Step 7: Report your findings.
Step 8: Post-audit actions: follow up with staff, make copies of all your test data, redraft your security policy and procedures, assess your audit tools and procedures (check whether automated tools exist for actions taken manually, what automated tools you used and why, etc.).
Enjoy, buddy. I hope that this will be informative to you. For more information, check the info-tech web site.
God bless you.
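Step 5 of the answer above lists reviewing applications running as root and the categories of users by privilege. As an added example (not part of the original post), the shell functions below run three of those checks for a Linux server against constructed sample data; the allowlist, account names and process names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: Step 5 checks for a Linux server, run on constructed data.
# On a real host, feed the functions from /etc/passwd and `ps -eo user=,comm=`.

# Constructed /etc/passwd sample (not from a real system).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svcbackup:x:0:0:backup job:/home/svcbackup:/bin/sh
bob:x:1001:1001:Bob:/home/bob:/usr/sbin/nologin'

# Constructed `ps -eo user=,comm=` sample.
SAMPLE_PS='root     systemd
root     sshd
root     cron
www-data nginx
root     nginx
root     telnetd
alice    bash'

# Hypothetical allowlist: commands the policy permits to run as root.
ROOT_ALLOWLIST='systemd sshd cron'

# Accounts other than "root" that carry UID 0 (full privilege).
extra_uid0_accounts() {
    awk -F: '$3 == 0 && $1 != "root" { print $1 }'
}

# Accounts that can log in interactively (shell is not nologin/false).
interactive_accounts() {
    awk -F: '$7 !~ /(nologin|false)$/ { print $1 }'
}

# Root-owned processes whose command name is not on the allowlist ($1).
unexpected_root_processes() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "root" && !($2 in ok) { print $2 }' | sort -u
}

echo "Extra UID 0 accounts:";      printf '%s\n' "$SAMPLE_PASSWD" | extra_uid0_accounts
echo "Interactive accounts:";      printf '%s\n' "$SAMPLE_PASSWD" | interactive_accounts
echo "Unexpected root processes:"; printf '%s\n' "$SAMPLE_PS" | unexpected_root_processes "$ROOT_ALLOWLIST"
```

Each item the functions print is a candidate finding for Step 6, to be compared against the policy reviewed in Step 3.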