How does a network security assessment work?
A network security assessment is a common tool used by IT departments and managed service providers like Sagiss. In short, a network security assessment catalogs every device and piece of software connected to a particular IT network.
In this video and post, we will explain in detail how a network security assessment works, why we use it, and what to expect of the process.
In addition to being a diagnostic tool for troubleshooting, a network security assessment is also used to connect a support provider with potential new clients. Many managed service providers, including Sagiss, offer complimentary network security assessments. This an excellent way of cataloging every device that requires support and ensuring the business owners have complete information about the state of their IT infrastructure.
That said, the network security assessment is a fairly technical process that may seem confusing or ambiguous to most people. Some business owners might request a network security assessment without understanding how the process works or what information is retrieved. Therefore, we’ve assembled this article as a guide for learning more about network security assessments.
Why run a network security assessment?
A network security assessment is an exhaustive inventory of all the components on your network. Every workstation, server, switch, router, and program running on your network carries some form of unique identifier. The network security assessment program sniffs these out and builds a useful diagram of your IT infrastructure.
Network security assessments can also diagnose the state of the network and its operational status. IT administrators can pull all sorts of information about a given workstation, server, or program. This includes serial numbers, recent updates, IP addresses, user activity, memory, available storage, and a great deal more.
How does a network security assessment work?
The network security assessment program compiles data about your network infrastructure and then organizes that data into meaningful feedback. At Sagiss, we break down the information into two categories: Network overview and security status.
The network overview is a general snapshot of the machines and apps connected to your company’s IT network. It includes:
Operating systems – A complete breakdown of every type of OS currently running on your network.
Updates – Which workstations and servers are missing critical updates.
Anti-spyware & antivirus – Checks whether critical security programs are active on the network.
Login history – Have any users been inactive more than 30 days? Do you have any ghost users?
Network diagram – A visual hierarchy of every piece of hardware that makes up your network.
Software – Are software licenses all up to date? Are any workstations missing standard software?
The network security assessment generally includes a summary as well as an exhaustive list of each data point. If you are a business owner who has requested a network security assessment, ask the provider to review these results with you. A qualified support provider should be able to interpret the results into actionable steps.
A network security assessment should also provide information about the state of your network security. The network security assessment sniffs out common security issues and categorizes them according to priority. A few of these categories include:
External scans – Are any ports on your network open to the general internet?
Web content filtering – Does the network automatically filter web content?
Account lockouts – Incorrect password attempts should lock out user accounts.
Password policy – Are users required to change passwords? Do you require password managers and multi-factor authentication?
Dark web research – Have user credentials associated with your company been published on the dark web?
Rights management – Internal policies should dictate that users can access only what they need to perform their work.
The documented results of a network security assessment should be yours to keep once the process is complete. Work with providers that can assure you that your confidential data won’t be seen by a third party.
The results themselves are typically available in various forms. At Sagiss we provide the overview with a short slide deck, and the full results in a Word or Excel sheet.
Finally, before you give anyone access to your network, make sure they will sit down with you to review the results.