The 3-step approach to improving IT security
Every year we regularly schedule physicals, oil changes, car inspections, and other appointments in order to keep the systems that we depend on running at peak operational efficiency. There might not be anything noticeably wrong to necessitate one of these checkups, but that’s not really the point. The purpose is to take a proactive approach to system maintenance in order to catch any coughs or hiccups that might later call for an expensive fix.
SHI recommends a similar preventative approach to IT security. Organizations need to regularly assess their security programs to pinpoint small issues that could later turn into devastating security leaks. They can do this internally or hire a professional security services team.
To help our customers confirm that they deployed their security controls properly and identify any security gaps that might exist, SHI developed the Security Posture Review (SPR). The SPR is an assessment designed to evaluate various technical and operational security controls within an organization’s IT environment, which will help maximize security spend.
Our SPR consists of three phases:
1. Collect. Our consultants perform a variety of on- and off-site activities designed to identify how controls are deployed throughout your environment. To uncover this information we use automated commercial security assessment tools, perform manual assessments of controls and systems within your environment, and discuss environmental procedures with members of your IT team. Rather than trying to boil the ocean, SHI typically uses a sampling methodology that identifies critical systems along with standard configurations. Sampling reduces the scope of the project by identifying critical and typical systems within your environment, thereby reducing the number that need to be examined. In addition to saving time, this reduces interruptions to your operational environment. This first phase looks at:
- External and internal system vulnerabilities – An automated and manual examination of systems as they appear to both authorized and unauthorized users.
- Firewall, perimeter, and intrusion detection system security – A review of the systems’ configurations as well as their deployment within your IT infrastructure.
- Remote access security – An examination of how your users and partners access the perimeter and internal systems.
- Data loss prevention – An inspection of traffic passing through your network’s Internet gateway to identify potentially sensitive information as it leaves your control.
- Antivirus, spyware, and endpoint protection – An evaluation of how endpoint controls are deployed on hosts as well as the management of their lifecycle.
2. Analyze. Although SHI’s consultants use automated tools to filter the information discovered within your environment, our engineers also have many years of experience in both the IT operations and consulting fields. This allows us to draw on best practices and IT frameworks to create an accurate picture of how your security controls and processes work. SHI provides insights into what the findings mean and identifies which information is most impactful to your network and systems.
3. Report. At the conclusion of the assessments, customers receive a two-part executive summary that highlights any risks and reports technical findings. The report also identifies how these findings were determined and offers a prioritized task list for any fixes. Because it can be important in future auditing efforts, SHI provides the finished report along with the supporting artifacts and discovery information.
Whether you’re evaluating the effectiveness of your security controls internally or externally, regularly assessing your systems can help you identify and plug vulnerabilities that might otherwise cost you hundreds of thousands of dollars if exposed. For questions about SHI’s SPR, please reach out to your local SHI account executive or SecuritySolutions@SHI.com.