What's in a Network Security Audit?
Basic Network Security Audit
1. Ensure only "expected devices" on your network. No intruders
a. Scan for Wi-Fi Clients
b. Scan for Ethernet Clients
2. Scan for open (unsecured) networks
a. Ensure all networks are password protected
b. Scan for hidden networks
c. Evaluate password strength
3. Ensure robust infrastructure
a. Ensure no default logins
b. Evaluate password complexity
c. Evaluate uptime - time since reboot
d. Evaluate firmware age
e. Evaluate End Of Life / End Of Service Devices
4. Ensure Equipment configuration
a. Look for Open Ports - internal
b. Look for Open Ports - external
c. Look for Open Shares
d. Look for unauthorized user access
5. Produce an Electronic Report detailing findings of the steps above
Professional Network Security Audit
1. Everything contained in the Basic Network Security Audit
2. Ensure appropriate network access
a. Review WiFi Connection logs (when available)
b. Review device configuration logs (when available)
c. Monitor Network Quality
3. Ensure your network is documented
a. Produce a Network Map
4. Alerts
a. Produce access alerts (when supported by equipment)
b. Produce usage alerts (when supported by equipment)
5. Produce an Electronic Report detailing the findings from the steps above
Custom / Expert Network Audit
1. Everything in the Basic and Professional Audit.
2. Ensure your network is used properly and efficiently
a. Monitor for inappropriate/excessive usage or streaming
b. Monitor for unauthorized users
3. Produce an Electronic Report detailing the findings from the steps above