If you've taken a look through our managed IT services, you'll have noticed that the first step in our process is “Analysis and Assessment”. Before engaging with us, many of our customers have wondered what it is that we're assessing! Unless you're immersed in IT, it's hard to “see” what we're going to do for you.
Every company needs to be concerned with the risk of hackers penetrating their network. The first step to building a strong defense is to understand where your defenses are currently weak and how you can strengthen them.
To help make this more real for everyone, I'd like to share with you the results of a network risk assessment (which is one piece of the overall analysis). What follows is an issue summary from a real network assessment we performed. Each network assessment is scored on best practices for network health, performance, and security. Each issue is given a score of 0 to 100 and combined into an overall issue score. A higher score equals higher risk.
Unsupported Operating Systems (97 points)
Issue: 2 computers were found using an operating system that is no longer supported. Unsupported operating systems no longer receive vital security patches and present an inherent risk.
Recommendation: Upgrade or replace these two computers.
Anti-Spyware Not Installed (94 points)
Issue: Anti-virus software was not detected on some computers. Without adequate anti-virus and anti-spyware protection on all workstations and servers, the risk of acquiring malicious software is significant.
Recommendation: To prevent both security and productivity issues, we strongly recommend assuring anti-spyware is deployed to all possible endpoints.
Anti-Virus Not Installed (94 points)
Issue: Anti-virus software was not detected on some computers. Without adequate anti-virus and anti-spyware protection on all workstations and servers, the risk of acquiring malicious software is significant.
Recommendation: To prevent both security and productivity issues, we strongly recommend assuring anti-spyware is deployed to all possible endpoints.
User Password Set to Never Expire (80 points)
Issue: User accounts with passwords set to never expire present a risk of use by unauthorized users. They are more easily compromised than passwords that are routinely changed.
Recommendation: Investigate all accounts with passwords set to never expire and configure them to expire regularly.
Operating System in Extended Support (20 points)
Issue: 71 computers were found using an operating system that is in extended support. Extended support is a warning period before an operating system is no longer supported by the manufacturer and will no longer receive support or patches.
Recommendation: Upgrade computers that have operating systems in extended support before end of life.
Inactive Computers (15 points)
Issue: 53 computers were found as having not checked in during the past 30 days.
Recommendation: Investigate the list of inactive computers and determine if they should be removed from Active Directory, rejoined to the network, or powered on.
User Has Not Logged in in 30 Days (13 points)
Issue: Users that have not logged in in 30 days could be from a former employee or vendor and should be disabled or removed.
Recommendation: Disable or remove user accounts for users that have not logged in in 30 days (after checking that they're not out on family leave or an extra long vacation!).
Unpopulated Organization Units (10 points)
Issue: Empty organization units (OU) were found in Active Directory. They may not be needed and should be removed to prevent misconfiguration.
Recommendation: Remove or populate empty OUs.
The network risk assessment is only the first step in the process of ensuring your network is secure. Once you know what your weaknesses are, you can begin to plug those security holes.
For more information on everything to do with Managed IT Services, check out our resource page, here.
Topics:
