Over the years, businesses’ mission-critical technology has expanded at a rapid pace. A network no longer consists of only servers, client computers, and basic networking equipment. Cloud computing has been introduced to host “X as a Service” solutions and applications that rely on big data, allow mobile and remote endpoints, network shares, and multiple communication applications, just to name a few. Even the solutions meant to secure the network and endpoints have grown complex to the point where a misconfigured security solution could leave an organization vulnerable.
This is why many organizations turn to outside partners to conduct a network security assessment. Having one performed by a trusted partner lets you know not only where your organization's security posture currently stands, but also what you can do to better protect yourself from the current threat landscape.
Understanding the Network Security Assessment
A network security assessment is not just a team of highly paid consultants performing penetration tests against a company’s network, actively mimicking a cyberattack. Depending on the type of testing done and the size of the network, these tests can accrue significant costs.
A network assessment is completed before penetration testing and meant to first evaluate your current network setup and identify vulnerabilities that could potentially be exploited. An assessment generally involves your chosen partner vendor collaborating with your IT team to gain the necessary knowledge to understand what challenges your organization faces, where any gaps in security may be, and what practices and processes are currently in place.
It is important before starting your assessment to determine what parts of your network will be evaluated, which can include your web applications, wireless networks, communication setups, and more. Many organizations prioritize the areas of the network that are involved most often in the day-to-day operations because any security exploitations to those touchpoints could result in significant impacts to the business.
Some of the questions you can be expected to answer include:
Do you have a clear picture of what the overall security posture at your organization is?
This will check to see if you have an understanding of what it is you should be protecting, what you are doing to protect your network resources and data, and if you are adhering to security best practices.
How often does your organization review security logs?
Many organizations don’t review security logs unless something goes wrong. Answering this question honestly will help a managed security services partner understand how they can help you create processes to review these logs so you can be more proactive.
What is your plan if you detect a data breach?
Surprisingly, most organizations do not have a plan in place to deal with a security breach. Even those that do have a plan in place often find, after an assessment, that there is much more they can do to help clean up post-breach and protect their reputation from damage.
What solutions and processes do you have in place to help detect and mitigate against malware, ransomware, and other threats?
With ransomware attacks on the rise and thousands of new variants of malware being found every day, traditional antivirus solutions are no longer able to fully protect you against this type of threat. With this information in hand, your partner will be able to better understand where your organization needs to bolster its defenses.
Who has full access to administrative accounts on your network and to sensitive information?
Identity and access management is key to making sure that only the right people have access to certain information or areas of your network. This will help you form processes that not only adhere to the practice of least privilege, but also help you identify and quickly remediate against ghost accounts that should no longer be active.
How does your organization deal with encryption?
Knowing if you are encrypting data properly at rest and in transit can help you prevent accidental data leakage, as well as mitigate against data exposure from a breach.
Do I Really Need a Network Security Assessment?
Organizations of all sizes are targets for cyberattacks. Smaller organizations are seeing more threats because attackers often view them as low-hanging fruit. As a result, the answer is yes. No matter the size of your organization or the industry you are in, you will certainly benefit from the expert analysis of your current security situation that this type of assessment provides.
Not only will you find out where you may be vulnerable to cyberattacks or data breaches, but the right partner will provide you with the best possible solutions for shoring up your security defenses through solutions such as backup and recovery, proper firewalls, cloud security, and email security solutions.
The right managed security services partner will be able to provide you with best-in-class advice, and may even be able to help keep your costs down by leveraging their relationships with the different security vendors that they work with.
Originally published September 2018 and updated March 2020.