Security Audit

Our Security Audit is an objective, consultative review of your security architecture and practices that gives you a benchmark on where you stand against industry best practices.  Our security experts will analyze and report on your security infrastructure, and our detail-oriented process will ensure that you receive a thorough review of your overall IT security.

With our Security Audit, you will:

  • Compare your security architecture to industry best practices
  • Discuss and review your security practices with an expert
  • Analyze the handling, storage, and transmission of your most confidential data
  • Use our detailed report to proactively make process or architecture adjustments to improve security
  • Address any specific needs, such as security in your software or application development, or other custom scenarios

Service Details:

Webfargo will review the type and placement of your network security devices as well as your security practices and procedures against specified security goals, industry standards, and company policies.

Security audits are custom processes, and can vary significantly by scope and intent, but they generally follow this template to some degree:

1. Determine Scope

  • Obtain an overview of company network
  • Discover locations of externally-stored data
  • Discover locations of external backups
  • Discern third parties that hold, or have access to, company data

2. Gather Information

  • Create or review network diagram
  • Determine where confidential/critical data is stored
  • Review communication methods with customers/vendors/partners
  • Review placement and type of security devices
  • Understand network segmentation

3. Review Processes

  • Review security processes/procedures with IT staff
  • Review security (and related) policies with IT staff
  • Review software development processes (if applicable)
  • Identify areas of staff/management concern
  • Identify any specific security goals
  • Identify compliance needs and determine applicable security regulations

4. Review Network Security

  • Gain basic understanding of internal/external connections
  • Review any third-party connections and VPNs
  • Determine wireless networking usage
  • Determine network access provided to guests
  • Identify critical or high security network segments
  • Gain an understanding of network backups
  • Gain an understanding of network/security management and monitoring
  • Understand how critical data is secured in transit and at rest
  • Understand network use and account authentication

5. Analyze Data

  • Review and deconstruct data gathered
  • Compare data to stated goals
  • Compare data to regulations
  • Compare data to industry security best practices
  • Perform gap analysis as needed

6. Create Report

  • Present all findings in a custom-written report
  • Confirm areas where no changes are needed
  • Review areas for improvement
  • Provide specific recommendations to close any gaps found
  • Provide actionable information to mitigate vulnerabilities
  • Present and review report onsite as needed

The result of Webfargo’s Security Audit is a thorough, custom analysis of your network, and a comprehensive report that can be immediately put to use as a security action plan.