OSI

Network Audit

Today we live in a connected world. Communication is a key requirement for all systems. Increased integration of systems creates a compelling need to establish fast and reliable communication that is as widespread as the organization and its business dealings. Information systems need to reach out to users, vendors, customers and partners (irrespective of their location); everything is connected to nearly everything else.

Network Vulnerabilities

The basic vulnerabilities associated with a network can be grouped into three broad categories:

  1. Interception—The data that are transmitted over the network pass through some medium that consists of a carrier and other equipment, often in the physical control of other third parties. These data could be intercepted. Once intercepted, there is a risk of undesirable disclosure, i.e., someone stealing data or modifying the intercepted data, resulting in loss of integrity and consequent other, more material losses.
  2. Availability—As networks proliferate, more and more users are remote and access their applications over the network, crossing hundreds or thousands of miles. If network connectivity fails or becomes unavailable for any reason, there would be serious interruption to business and consequent damages.
  3. Access/entry points—The network extends a computer system beyond the box into the world. The network provides the ability to extend the system to users across geographical boundaries, resulting in conveniences and efficiencies otherwise impossible. Conversely, the same network makes it feasible to access the system from anywhere. A single weak point in the network can make all the information assets in the network vulnerable to intruders. The network can provide many points of entry for intruders, interceptors and malicious code like viruses, worms and Trojan horses. The ability of the network to enable access to a system from anywhere is the most serious of a network’s vulnerabilities. Given the fact that a major benefit of a network is its ability to provide access from elsewhere, the task at hand becomes discovering how best to devise controls around this access.

Auditing Network Security

  1. What is the network?—We will determine the extent of the network. This is generally done by examining the network diagram. The network diagram is basically a map that shows all the routes available on the network. The key factor our auditors will look at is its accuracy.
  2. What are the critical information assets in the network?—The fundamental principle of information security and audit is that protection is related to the risks associated with the assets as determined by a systematic risk assessment. We will come away with a good idea of the critical assets, systems and services that need to be secured. Typically, one would want to protect enterprise systems including ERPs, mail servers and other internal applications, web servers that host applications that are accessed by customers and vendors, and the network and its components. In this context, the security and access mechanisms surrounding the applications and the servers (the OS and database) also need to be robust.
  3. Who has access?—The next step is to determine the persons who have access to the systems on the network and how. Is the system accessed only by employees? Do customers and vendors also access the systems? Do employees access the system from outside the office? Do customers access only the web server via the Internet or do they perform remote logins to the enterprise systems? The answers to these questions will have significant impact on security.
  4. What are the connections to the external networks?—At a minimum level, every network today is connected to the Internet through an Internet service provider. The primary reason for connecting to the Internet is to enable receipt and dispatch of mail and to enable browsing by employees. Enterprises may also have other reasons to connect to the Internet, such as e-commerce web sites through which the company’s vendors, customers and partners collaborate, place orders or exchange other information. Dedicated connections to the networks of other partners may also exist. The gateways through which each of these connections is made are potential entry points for the external world.
  5. What are the protection mechanisms?—Once the basic understanding of the network, the resources and the risks has been obtained, our auditors will be ready to look at the protection mechanisms.

At the end of the audit, we will evaluate all the security breaches and come up with effective and adequate security policies, which will make you more secure in this vulnerable world.

 
