12 Things to Consider When Performing a Security Assessment - Smeester & Associates - Denver, Colorado USA


With recent big-name breaches from Yahoo, ADP, and the IRS in the news, security is a top concern for many business owners.

And with the advent of the cloud and evolution of the Internet of Things (IoT), hackers have evolved too. They’re finding increasingly clever ways to exploit technology designed to make doing business easier.

Yet most businesses are still running outdated security software and practices, and failing to refresh them to meet the increased risk.

3 Common SMB Security Threats

Most small- and medium-sized business (SMB) owners are very cost-conscious, and won’t spend money on beefing up their IT security unless they understand that they risk more by doing nothing. And ignoring security vulnerabilities won’t make them disappear. Here are a few vulnerabilities that are often overlooked.

1. Outdated security software

This is more common than you might think. Some businesses feel comfortable using a boxed product purchased years ago, others forget to renew expiring licenses, and still others find themselves in the unfortunate position of finding out their own network is blocking routine security updates.

2. Haphazard access control

Making everyone an admin can prove to be just as detrimental as failing to turn off an employee’s access when (s)he leaves your company. Many SMBs need to find a better way to manage access to and control over their systems, network, and data.

3. Leaving passwords out for prying eyes

Yes, even in 2016, people still leave their passwords out for anyone to see. All the IT security technology in the world can’t protect against a little slip-up like this. SMBs need to build—and hold people accountable to—stronger security practices that help prevent messy data breaches.


An IT assessment will quickly flag these obvious vulnerabilities and more. What would a breach cost you? Factor in downtime, lost opportunities, clean-up costs, reputation damage, and of course, the big fines. In most cases, the cost of a single breach will be considerably higher than that of a comprehensive security assessment performed from time to time.

What Steps to Take as Part of Your Security Risk Assessment

When you schedule your 360-degree security assessment with an IT provider equipped to perform one, here are 12 essential tasks we recommend that the IT firm include:

1. Evaluate inbound firewall configuration and search for known external vulnerabilities

If a managed firewall service is not in place, this report will help show you why you need to implement one. It can also help ensure that the impact of changes made to the external firewall—or exposure of outward-facing applications—is minimized.

2. Review outbound firewall configuration

The SANS Institute’s best practices for egress filtering point to the vital role that blocking unnecessary outbound traffic plays in eliminating the spread of viruses, worms and Trojans in the environment.
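To make steps 1 and 2 concrete, here is an added example (not code from the original article or from Smeester & Associates) of the kind of check an assessor runs over a firewall rule table. The rule format, the list of management ports, the addresses and the two rule sets are all constructed for this example; the weak set exposes RDP to the whole internet and allows all outbound traffic, while the hardened set restricts RDP to a VPN range and allows only the outbound services the business actually needs, relying on the implicit default deny for everything else.

```python
"""Review a first-match firewall rule table for inbound exposure and permissive egress.

Constructed example: rules are plain dicts read top to bottom, the way a simple
appliance's rule table is evaluated. This is not any vendor's syntax.
"""
from ipaddress import ip_address, ip_network

# Ports that should never be reachable from arbitrary internet sources.
# Assumption for this example; adjust to the organisation's exposure policy.
MANAGEMENT_PORTS = {22: "ssh", 23: "telnet", 445: "smb", 3389: "rdp", 5900: "vnc"}


def _port_matches(rule_port, port):
    return rule_port == "any" or rule_port == port


def _net_matches(rule_net, addr):
    # "any" matches everything; otherwise the address must fall inside the rule's network.
    return rule_net == "any" or ip_address(addr) in ip_network(rule_net)


def evaluate(rules, direction, src, dst, port):
    """Return the action of the first matching rule, or the implicit default 'deny'."""
    for r in rules:
        if (r["direction"] == direction
                and _net_matches(r["src"], src)
                and _net_matches(r["dst"], dst)
                and _port_matches(r["port"], port)):
            return r["action"]
    return "deny"


def exposed_management_ports(rules):
    """Inbound allow rules open to any source on a management port (or on every port)."""
    findings = []
    for r in rules:
        if r["direction"] != "inbound" or r["action"] != "allow" or r["src"] != "any":
            continue
        if r["port"] == "any":
            findings.append((r["name"], "any"))
        elif r["port"] in MANAGEMENT_PORTS:
            findings.append((r["name"], MANAGEMENT_PORTS[r["port"]]))
    return findings


def permissive_egress(rules):
    """Outbound allow-all rules that defeat egress filtering entirely."""
    return [r["name"] for r in rules
            if r["direction"] == "outbound" and r["action"] == "allow"
            and r["dst"] == "any" and r["port"] == "any"]


# Constructed weak rule set: RDP open to the world, unrestricted outbound.
WEAK_RULES = [
    {"name": "rdp-for-remote-staff", "direction": "inbound", "action": "allow",
     "src": "any", "dst": "192.0.2.10", "port": 3389},
    {"name": "web", "direction": "inbound", "action": "allow",
     "src": "any", "dst": "192.0.2.20", "port": 443},
    {"name": "allow-all-out", "direction": "outbound", "action": "allow",
     "src": "any", "dst": "any", "port": "any"},
]

# Constructed hardened rule set: RDP only from the VPN range, outbound limited to
# DNS, HTTPS and mail from the mail relay. Everything else hits the default deny.
HARDENED_RULES = [
    {"name": "rdp-from-vpn-only", "direction": "inbound", "action": "allow",
     "src": "198.51.100.0/24", "dst": "192.0.2.10", "port": 3389},
    {"name": "web", "direction": "inbound", "action": "allow",
     "src": "any", "dst": "192.0.2.20", "port": 443},
    {"name": "dns-out", "direction": "outbound", "action": "allow",
     "src": "any", "dst": "192.0.2.53", "port": 53},
    {"name": "web-out", "direction": "outbound", "action": "allow",
     "src": "any", "dst": "any", "port": 443},
    {"name": "mail-out-from-relay", "direction": "outbound", "action": "allow",
     "src": "192.0.2.25", "dst": "any", "port": 25},
]


if __name__ == "__main__":
    for label, rules in (("weak", WEAK_RULES), ("hardened", HARDENED_RULES)):
        print(label, "exposed:", exposed_management_ports(rules),
              "permissive egress:", permissive_egress(rules))
    # A workstation trying to send mail directly to the internet, the classic worm
    # behaviour egress filtering is meant to stop.
    print("workstation SMTP (hardened):",
          evaluate(HARDENED_RULES, "outbound", "192.0.2.77", "203.0.113.5", 25))
```

The `evaluate` function answers the practical question behind step 2: would a given connection get out? Running the same workstation-to-internet SMTP check against both rule sets shows the weak set allowing it and the hardened set dropping it at the default deny.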

3. Inspect the effectiveness of the current patch management tool

The purpose of this task is to identify systems in which security patches have not been applied in a timely manner.

4. Examine antivirus and anti-spyware deployment

This activity determines where antivirus and anti-spyware are not deployed or are out of date.

5. Conduct administrator review

This review validates, through interview(s) with the business owner(s), the list of users with administrative privileges.

6. Share permission review

This action validates which users have access to critical business data through interview(s) with the business owner(s).

7. Perform physical security walk-through

This in-person walk-through of the office helps you identify issues a network assessment tool can’t—like employees leaving their passwords in plain sight.

8. Run an internal vulnerability scan

By scanning your network for internal security vulnerabilities that could be exploited once an attacker gains access, you’ll have a better understanding of what you’re up against.

9. Look for anomalous logins

This task reviews the security audit logs for suspicious logins or login attempts.
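As an added example of what “suspicious” looks like in practice (this is not code from the original article or its author), the script below runs three simple detections over a constructed audit log: an account hit by a burst of failed logins, a success from a source that had just failed repeatedly against the same account, and successful logins outside business hours. The log format (timestamp, event ID, account, source address), the event IDs modelled on Windows logon events 4624/4625, the thresholds and the business-hours window are all assumptions chosen for the example.

```python
"""Flag anomalous logins in a constructed security audit log.

Line format (constructed for this example): <ISO timestamp> <event id> <account> <source ip>
Event IDs follow the Windows convention of 4624 = successful logon, 4625 = failed logon.
"""
from collections import defaultdict
from datetime import datetime, timedelta

LOGON_SUCCESS = "4624"
LOGON_FAILURE = "4625"

# Constructed sample: an off-hours password-guessing burst against "admin" that
# ends in a success, plus ordinary daytime activity and one mistyped password.
SAMPLE_LOG = """
# timestamp            event account source
2016-05-03T09:02:11 4624 jsmith 10.0.0.21
2016-05-03T09:15:40 4624 mlopez 10.0.0.33
2016-05-03T22:41:03 4625 admin 203.0.113.7
2016-05-03T22:41:09 4625 admin 203.0.113.7
2016-05-03T22:41:15 4625 admin 203.0.113.7
2016-05-03T22:41:22 4625 admin 203.0.113.7
2016-05-03T22:41:30 4625 admin 203.0.113.7
2016-05-03T22:41:38 4624 admin 203.0.113.7
2016-05-03T13:10:05 4625 jsmith 10.0.0.21
2016-05-03T13:10:40 4624 jsmith 10.0.0.21
"""


def parse_log(text):
    events = []
    for line in text.strip().splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, event_id, account, source = line.split()
        events.append({"time": datetime.fromisoformat(ts), "event": event_id,
                       "account": account, "source": source})
    return sorted(events, key=lambda e: e["time"])


def failure_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Accounts with at least `threshold` failures inside a sliding time window."""
    by_account = defaultdict(list)
    for e in events:
        if e["event"] == LOGON_FAILURE:
            by_account[e["account"]].append(e["time"])
    findings = {}
    for acct, times in by_account.items():
        start, best = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            findings[acct] = best
    return findings


def success_after_failures(events, min_failures=3, window=timedelta(minutes=10)):
    """A success from a source that had just failed repeatedly against the same account."""
    findings = []
    recent = defaultdict(list)  # (account, source) -> failure times seen so far
    for e in events:
        key = (e["account"], e["source"])
        if e["event"] == LOGON_FAILURE:
            recent[key].append(e["time"])
        elif e["event"] == LOGON_SUCCESS:
            fails = [t for t in recent[key] if e["time"] - t <= window]
            if len(fails) >= min_failures:
                findings.append((e["account"], e["source"], e["time"]))
            recent[key] = []
    return findings


def off_hours_successes(events, start_hour=7, end_hour=19):
    """Successful logins outside the assumed business hours (local time)."""
    return [(e["account"], e["source"], e["time"]) for e in events
            if e["event"] == LOGON_SUCCESS and not (start_hour <= e["time"].hour < end_hour)]


def review(text):
    events = parse_log(text)
    return {"failure_bursts": failure_bursts(events),
            "success_after_failures": success_after_failures(events),
            "off_hours_successes": off_hours_successes(events)}


if __name__ == "__main__":
    for name, hits in review(SAMPLE_LOG).items():
        print(f"{name}: {hits}")
```

The single mistyped password from `jsmith` stays below every threshold, while the `admin` sequence is reported by all three detections; in an assessment, a finding that is corroborated by more than one heuristic is the one to take to the business owner first.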

10. Perform a security policy review

Review default Group Policy and applicable Local Security Policies for consistency and alignment with best practices.

11. Do an IT administrator review

Review users, computers, and Layer 2/3 detail with the in-house administrator to identify possibly defunct or rogue users and systems.
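Steps 5, 6 and 11 all compare what the directory actually grants against what the business owner and administrator say should be granted. The added example below (not code from the original article or its author) works through a constructed directory export: it lists administrators who are not on the owner-approved list, enabled accounts that have not logged on within an assumed 90-day window, and who can actually reach each critical share once group membership is resolved. The account names, groups, share names and dates are all constructed for the example.

```python
"""Access review over a constructed directory export (admin list, stale accounts, share reach)."""
from datetime import date, timedelta

# Groups whose members hold administrative privilege. Assumption for this example.
ADMIN_GROUPS = {"Domain Admins", "Administrators"}

# Constructed directory export: name, enabled flag, group membership, last logon date.
ACCOUNTS = [
    {"name": "owner", "enabled": True, "groups": {"Domain Admins", "Finance"}, "last_logon": date(2016, 5, 2)},
    {"name": "itadmin", "enabled": True, "groups": {"Domain Admins"}, "last_logon": date(2016, 5, 3)},
    {"name": "jsmith", "enabled": True, "groups": {"Administrators", "Sales"}, "last_logon": date(2016, 4, 30)},
    {"name": "contractor1", "enabled": True, "groups": {"Finance"}, "last_logon": date(2015, 11, 14)},
    {"name": "svc_backup", "enabled": True, "groups": {"Domain Admins"}, "last_logon": None},
    {"name": "mlopez", "enabled": False, "groups": {"Sales"}, "last_logon": date(2016, 1, 8)},
]

# The list of administrators the business owner confirmed in the interview (step 5).
APPROVED_ADMINS = {"owner", "itadmin"}

# Constructed share export: which principals (users or groups) are granted access.
SHARES = [
    {"name": "Payroll", "critical": True, "principals": {"Finance"}},
    {"name": "Public", "critical": False, "principals": {"Everyone"}},
    {"name": "Contracts", "critical": True, "principals": {"Everyone"}},
]

AS_OF = date(2016, 5, 4)  # assessment date


def unapproved_admins(accounts, approved, admin_groups=ADMIN_GROUPS):
    """Members of an admin group whom the owner did not name as administrators."""
    return sorted(a["name"] for a in accounts
                  if a["groups"] & admin_groups and a["name"] not in approved)


def stale_accounts(accounts, as_of, max_idle_days=90):
    """Enabled accounts with no logon inside the window (or no recorded logon at all)."""
    cutoff = as_of - timedelta(days=max_idle_days)
    return sorted(a["name"] for a in accounts
                  if a["enabled"] and (a["last_logon"] is None or a["last_logon"] < cutoff))


def who_can_reach(share, accounts):
    """Enabled users who reach a share through a direct grant or group membership.

    Note: admin-group members can usually override share permissions, so read this
    list together with the admin review rather than in isolation.
    """
    if "Everyone" in share["principals"]:
        return sorted(a["name"] for a in accounts if a["enabled"])
    return sorted(a["name"] for a in accounts
                  if a["enabled"] and (a["name"] in share["principals"]
                                       or a["groups"] & share["principals"]))


def overexposed_shares(shares):
    """Critical shares granted to Everyone: the finding step 6 most often produces."""
    return sorted(s["name"] for s in shares if s["critical"] and "Everyone" in s["principals"])


if __name__ == "__main__":
    print("admins not approved by owner:", unapproved_admins(ACCOUNTS, APPROVED_ADMINS))
    print("stale enabled accounts:", stale_accounts(ACCOUNTS, AS_OF))
    print("critical shares open to Everyone:", overexposed_shares(SHARES))
    for share in SHARES:
        print(f"{share['name']}: {who_can_reach(share, ACCOUNTS)}")
```

The interesting findings are the ones that cross categories: `svc_backup` is both an unapproved administrator and an account that has never logged on, and `contractor1` still reaches the Payroll share despite six months of inactivity. Those are exactly the defunct and rogue accounts step 11 asks the in-house administrator to explain.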

12. Check compliance with basic standards

For all companies, even those not required to comply with a standard such as HIPAA or PCI, a compliance-level audit is beneficial in finding security-related best-practice violations.