You don’t know what you don’t know.
With more security threats swirling around your organization, one of the biggest challenges is deciding where to apply your resources to protect it. According to McAfee, there are now more than six threats per second. That is the main reason that, before you invest in a security solution, you should conduct an in-depth security assessment. Foundstone Services from McAfee has developed a proven methodology for conducting a comprehensive system security assessment that helps you achieve high levels of assurance and business value from your security investments.
They stress three key areas that should be the focus of your assessment.
- Vulnerability scanning and verification
The first step in an assessment should be a mapping of your security footprint and profile. This becomes the basis for the vulnerability scanning that is then used to attempt to penetrate your IT systems. The scanning should take a holistic view of your environment by chaining multiple low-risk vulnerabilities to gain access to the target network; linking findings in this way lets the tester reach sensitive data such as password hashes and restricted databases.
The vulnerabilities uncovered during the scanning process then need to be manually verified to minimize the number of false positives. This significantly reduces the time you spend on corrective action and optimizes the use of your resources. The verification step also confirms that operating systems and version numbers have been correctly identified.
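One concrete way to do that verification is to reconcile each scanner finding with a fingerprint an analyst has confirmed by hand (for example from an authenticated check), and to classify the finding as confirmed, a false positive, or still needing manual review. The script below is an added example for this post; it is not code from the original article or from a McAfee/Foundstone tool. All hosts, version ranges, advisory IDs and fingerprints in it are constructed placeholders.

```python
"""Triage vulnerability-scanner findings against manually verified fingerprints.

Added example, not code from the original post nor a McAfee/Foundstone tool.
Every host, product, version range and advisory ID below is a constructed
placeholder used only to illustrate the verification step.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

CONFIRMED = "confirmed"
FP_PRODUCT = "false-positive: product mismatch"
FP_VERSION = "false-positive: verified version outside affected range"
MANUAL = "needs-manual-check: no verified fingerprint"


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.4.49' into (2, 4, 49). Only the leading digits of each
    dot-separated part count, so '7.4p1' compares like 7.4; a part with
    no leading digits becomes 0."""
    parts = []
    for piece in text.split("."):
        lead = ""
        for ch in piece:
            if not ch.isdigit():
                break
            lead += ch
        parts.append(int(lead) if lead else 0)
    return tuple(parts)


def version_in_range(version: str, affected_from: str, fixed_in: str) -> bool:
    """True when affected_from <= version < fixed_in. fixed_in is the first
    release carrying the fix, so it is an exclusive upper bound."""
    v, lo, hi = (parse_version(x) for x in (version, affected_from, fixed_in))
    n = max(len(v), len(lo), len(hi))
    # Pad to equal length so that 2.4 and 2.4.0 compare as equal.
    v, lo, hi = (t + (0,) * (n - len(t)) for t in (v, lo, hi))
    return lo <= v < hi


@dataclass(frozen=True)
class Finding:
    advisory: str        # scanner's reference for the issue (placeholder IDs here)
    host: str
    service: str         # e.g. "http", "ssh", "db"
    product: str         # product the scanner believes is running
    affected_from: str   # first affected version
    fixed_in: str        # first fixed version (exclusive bound)


# Manually verified fingerprints: (host, service) -> (product, exact version).
# Constructed sample data standing in for what an analyst confirmed by hand.
VERIFIED: Dict[Tuple[str, str], Tuple[str, str]] = {
    ("10.0.0.5", "http"): ("apache-httpd", "2.4.52"),
    ("10.0.0.7", "ssh"): ("openssh", "7.4p1"),
    ("10.0.0.11", "http"): ("apache-httpd", "2.4.52"),
}

# Constructed scanner output, as it might arrive after a banner-based scan.
SCAN_RESULTS: List[Finding] = [
    Finding("PLACEHOLDER-ADV-0001", "10.0.0.5", "http", "apache-httpd", "2.4.0", "2.4.51"),
    Finding("PLACEHOLDER-ADV-0002", "10.0.0.7", "ssh", "openssh", "7.0", "7.5"),
    Finding("PLACEHOLDER-ADV-0003", "10.0.0.9", "db", "mysql", "5.7.0", "5.7.30"),
    Finding("PLACEHOLDER-ADV-0004", "10.0.0.11", "http", "nginx", "1.18.0", "1.20.0"),
]


def triage(finding: Finding, verified: Dict[Tuple[str, str], Tuple[str, str]] = VERIFIED) -> str:
    """Classify one finding against the verified fingerprint for its host/service."""
    fingerprint = verified.get((finding.host, finding.service))
    if fingerprint is None:
        return MANUAL
    product, version = fingerprint
    if product != finding.product:
        return FP_PRODUCT
    if version_in_range(version, finding.affected_from, finding.fixed_in):
        return CONFIRMED
    return FP_VERSION


def triage_report(findings: List[Finding] = SCAN_RESULTS,
                  verified: Dict[Tuple[str, str], Tuple[str, str]] = VERIFIED) -> Dict[str, str]:
    """Map advisory id -> status; only confirmed items go to corrective action."""
    return {f.advisory: triage(f, verified) for f in findings}


if __name__ == "__main__":
    for advisory, status in triage_report().items():
        print(f"{advisory}: {status}")
```

A "confirmed" result here only means the scanner's version claim survived the check. Vendors and distributions often backport fixes without changing the reported version, so a finding whose verified version still falls inside the affected range should be proven by an authenticated check or a safe verification test before it is counted as real.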
- Penetration testing
This test provides the most effective and thorough analysis of your internal defenses. The process should examine every host in scope for any weakness or piece of information that an internal attacker could use to violate the confidentiality, availability and integrity of your systems.
- Vulnerability analysis
Finally, you should conduct a comprehensive analysis of your vulnerabilities to determine their systemic causes. This allows you to recommend the appropriate corrective action strategy. Follow this up by documenting and prioritizing the recommendations, sorted by people, process and technology.
Implementing the appropriate corrective actions for the vulnerabilities you discovered is only the start. You must revisit each risk area within three to six months to ensure that the preventive measures you put in place are still effective in protecting you from cyber threats.
Conducting a thorough security assessment is critical in determining the actions you need to take to avoid potentially devastating risks to your organization. Without such a comprehensive assessment, you may be investing resources in the wrong places while missing significant risk areas.
DynTek is a McAfee Platinum Partner with expertise in architecting, implementing and supporting a comprehensive security roadmap covering your network, applications, and databases. Click here to find out more about DynTek’s security assessment services and end-to-end security solutions.