Vulnerability Scan — Internal, External, or Both
- Used to identify potential software exploits that are already known
- Comprehensive scan of the entire network to ensure every computer is evaluated
- Typically performed monthly
A vulnerability scan is the most basic and is typically considered the “bare minimum” when it comes to network security. A vulnerability scan by itself will often times allow a small business to meet various regulatory requirements whether mandated by HIPAA, meaningful use, PCI compliance, etc. This scan will provide you with a list of the current vulnerabilities that affects your current setup. Typical items that are identified in a vulnerability scan are unnecessary or dangerous ports opened on your firewall, un-patched or out of date software on servers/workstations, unnecessary services running on computers, etc.t.
Vulnerability and Security Assessment — Internal, External, or Both
A security assessment is the logical next step beyond a vulnerability scan and is vital for businesses of any size who truly value the protection of their (or their customers) data. Unlike a normal scan, an assessment will not only provide you with all of the information about current potential risks that are identified on your network, but it will also give you information on how to address your current threats along with an ordered list that is based on the level of risk importance. This involves going through and auditing firewall rules, testing common guidelines and best practices, etc.
- Provides a game plan of how to fix the current issues that reside in the network
- Addresses and identified potential weaknesses in an infrastructure
- Used to identify unknown “zero-day” exploits and vulnerabilities
- Emulates a real-world attack using the same tools the “bad guy” would
- Usually performed by multiple professionals to ensure accuracy and thoroughness
A network penetration test is recommended for businesses who have previously went through assessments and have likely re-mediated a good portion of the findings. Penetration testing is the process of using current threats and exploits to access the network. This will help allow you to protect yourself and prevent an attack that can be potentially harmful to not only to your business but to your customers as well.
Another critical step in the security process often overlooked due to time constraints or complexity is remediation. Regardless of the amount of times the network is scanned or tested, without remediation all of the previous services are for naught. Here at Sicoir Computer Technologies, once the assessments are complete, we are willing and able to fix identified security issues that affects your network so that you may get as close to 100% protection as possible.
- This is the most important step, without fixing the issues found you are still vulnerable
- Block all unnecessary ports from the outside world
- Stop or reconfigure all unnecessary services that may cause security breach
- Set up and identify network monitoring tools
- Eliminate as many potential avenues an attacker may use to access your data and your network as possible