DIY IT Security Audit
Security audits can be extremely expensive to hire an outside company to perform. They often require a specific skill set and can be very time consuming. But, if you are willing to dig in and spend some time doing the research, you can perform your own IT security audit.
10 Steps to Creating Your Own IT Security Audit is a very well written and extensive look at doing just this. It covers the majority of the bases when it comes to IT security and goes into more detail when required.
The ten steps that are outlined in this piece are:
- Defining the Scope of Your Audit: Creating Asset Lists and a Security Perimeter
- Creating a “Threats List”
- Past Due Diligence & Predicting the Future
- Prioritizing Your Assets & Vulnerabilities
- Implementing Network Access Controls
- Implementing Intrusion Prevention
- Implementing Identity & Access Management
- Creating Backups
- Email Protection & Filtering
- Preventing Physical Intrusions
This is definitely a heavy read and you will probably have to go through it several times just so that you are clear on what they are talking about and what you need to do but it will be worth it. After all, nobody wants to end up like T.J. Maxx!
If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?
No Responses to “DIY IT Security Audit”
-
The Fieldhouse Says:
July 5th, 2007 at 8:19 pmMicrosoft says IE Biggest Internet Threat, Get OperaSmall Business Primer on Network Security Threats20 Ways To Mark Safer Internet Day 2007Protect Your Privacy With A LiveCDPersonal Servers: Are We At That Point?New Security Blog With PromiseDIY IT Security AuditE-Mail Request: USB Based AntiSpywareThanks, Google! Sincerely, SpammersAnatomy of a Network HijackingWilliam Shatner: IT Security Specialist!?Don’t Be a Soldier in the Botnet ArmyUsing Whitehats to Stop Blackhats
