A network assessment is like a physical for your business – it is a periodic evaluation to ensure all vital signs are good, systems are functioning properly, and your network is secure against the latest threats.
A network assessment is a detailed report and analysis of your company’s existing IT infrastructure, management, security, processes, and performance. The purpose of the assessment is to identify opportunities for improvement and get a comprehensive view and current state of your existing network.
Network assessment is a term that refers to various things in the context of network devices. It could mean the analysis of such network devices to find which devices are obsolete. It could also refer to the assessment of network performance, a review of network architecture, a security assessment of network devices (including security compliant configuration, bugs, vulnerabilities etc.). The term network assessment could also be used to refer to the network inventory used to discover what network devices are running on the network. The definition of network assessment could also include applications, servers, operating systems etc.
After a network assessment is complete, it will be analyzed by network consultants for vulnerabilities and existing problems that could leave your company at risk for a breach and business interruption. There are several categories that are assessed including: hardware, software, configuration, accessibility, and security risks.
Hardware will cover servers, workstations, printers, and non-AD devices like switches, routers, and printers. It will also look at old computers which are still joined to the domain and have not been removed.
Software will examine systems with missing patches, service packs, and security updates. It will assess local accounts (per system) with weak and insecure passwords, as well as systems with missing anti-virus, anti-spyware, or firewall misconfiguration.
Configuration will cover security policy inconsistencies across network servers and computers. It will look at outbound system access that should be blocked. Additionally, it will examine lack of content filtering such as social media, entertainment, pornography and illegal downloads.
Accessibility will focus on the misconfiguration of user access to network shares, as well as a detailed breakdown of AD Security Group Membership.
Finally, security risks will look at old user accounts which still may have access and have not been properly disabled, internal systems with open ports that pose a potential security risk, and external issues which put your network at risk of business disruptions or data loss.
The network assessment results in an executive summary that will provide the business with an overview of the devices on the network along with a network Risk Score and analysis of each potential issue uncovered. An IT consultant or a Managed Services Provider in Dallas and Plano will review the document with the stakeholders, discuss the findings in detail, and answer any questions they may have. The information in the document should outline the issue, its impact to the business and recommendations for IT solutions to move past these obstacles.
A security risk assessment is conducted by identifying, assessing, and implementing key security controls in applications. It also focuses on preventing application security defects and vulnerabilities. WHAT ARE THE GENERAL STEPS FOR A SECURITY RISK ASSESSMENT? The steps required to perform an effective security risk assessment are to identify assets, identify threats, identify vulnerabilities, develop metrics, consider historical breach data, calculate the cost, and perform fluid risk to asset tracking.
The security assessment plan defines the scope of the assessment, in particular indicating whether a complete or partial assessment will be performed and if the assessment is intended to support initial pre-authorization activities associated with a new or significantly changed system or ongoing assessment used for operational systems.
A network evaluation may consider a range of questions and adopt a variety of options for undertaking the evaluation depending on factors such as the type, size, stage of development and purpose of the network. Networks may be closed (bound) or open (unbounded), web-based or located within a specified geographic area.
It is assessed by defining tech needs, determining if your network is getting the job done, identifying what is lacking, evaluating Total Cost of Ownership (TCO) of new technology, and making sure to have a disaster/redundancy plan implemented.
