We have long recommended an IT network assessment as part of onboarding with new managed IT services clients. This provides a starting baseline of the current network infrastructure. From this, we can develop a strategy that will safeguard the systems used to run the business and ensure that the network supports the goals of the business.
A network assessment is a comprehensive analysis of your corporate IT infrastructure. The end deliverable is a detailed report covering the strengths and weaknesses of your network, including recommended changes to be made to improve performance, resiliency, and security.
You are probably already aware of some of the deficiencies in your network, especially if you inherited an existing network you didn’t design. But invariably as part of a network assessment, we find security issues of which the client may not have been aware.
Depending on your industry, there may be mandates to which you must comply that aim to strengthen your capabilities in keeping information secure. These include HIPAA, NIST, GLBA, PCI DSS, and more. Your provider should have the depth of experience required to perform different types of assessments focused on the overall health of your IT ecosystem, network, and its security. Your provider should also be well schooled in the latest compliance regulations that will enable you to meet new requirements as they emerge.
A network assessment provides a complete network inventory. You gain a comprehensive view of the entire IT environment including all devices that are running on the network (servers, switches, firewalls, routers, printers, end user devices, etc.). This can uncover design and configuration flaws, as well as devices and connections that pose security risks of which you were not aware.
The analysis will include helpful information about the network devices, such as hardware components, operating system versions, application licenses, signature update status, and warranty/support status. With this information, you will be able to correct issues such as unpatched software and expired software licenses.
Networks evolve over time. It’s very likely there are devices in place (and connections), of which you are not aware, that are hampering the performance of your network. In Corserva’s experience, it’s more likely than not that unknown devices or internal/external network communications will be identified via the assessment process.
Hindsight is 20/20.
Your network would probably look much different if you had it to do all over again. Instead, the deployment of new hardware, software, and applications has directly impacted your production systems, network design, and dataflow.
A network assessment can provide you valuable information that will highlight where changes are needed and what those changes should be to improve the network’s security and performance.
At Corserva, we first examine the overall network design including routers, firewalls, and network switches. We also consider the wireless network infrastructure. From there, we dive deep into everything connected to the network, such as servers, workstations, and printers.
When performing a network assessment, your IT provider will take these steps:
In addition to IT network assessments, which evaluate the overall performance and security of the IT infrastructure, assessments can be done that address specific regulations or concerns relevant to an industry.
Your corporate WiFi may be stretched beyond its limits. You might be struggling with spotty coverage and weak WiFi signal in parts of your building or campus. If your staff is relying on WiFi during meetings in conference rooms, cafeterias, and other locations away from their desks, you need a robust wireless network. Your wireless network may be called upon to support multiple mobile devices per user, way more usage than originally planned.
A wireless network assessment can enable you to support the growing throughput requirements of mobile users and provide proper traffic balancing from WiFi to switch to WAN.
For companies that have deployed large numbers of virtual servers, or who want to prepare for virtualization projects, a virtualization assessment provides the required foundation for planning purposes. For current virtual infrastructure, the assessment identifies all current configurations as well as VM “sprawl,” which can be created by the constant addition of new VMs without elimination of unused VMs.
A virtualization assessment provides an accurate view of the workload support required for new or expanded virtual environments.
Security should be a focus in any type of IT assessment, but a specific cybersecurity assessment can be beneficial for an organization with security concerns, or recent attacks or breaches. A network security assessment can pinpoint exactly how malware can traverse your internal network and identify end user behavior that leaves the corporation vulnerable.
By analyzing your network’s internal traffic over several days, a cybersecurity assessment can highlight high risk applications, at-risk devices, and other potential sources of future breaches.
A round of pen testing is most valuable after you have taken the necessary steps to secure your network. Network penetration testing is the act of intentionally trying to break into the network or access data. The test results will expose any external vulnerabilities and their associated impact, including internet, IP addresses, firewalls, email servers, and web servers.
After completing an IT network assessment and any other relevant industry assessments, you should first correct the design deficiencies uncovered during the assessments before having pen testing done by an outside party.
The National Institute of Standards and Technology (NIST) develops and issues standards, guidelines, and other publications to assist in managing cost effective programs to protect information of federal agencies. Companies working in the federal supply chain may need to comply with such mandates as NIST 800-53 or NIST 800-171. These mandates can impact both prime contractors and subcontractors.
A NIST assessment is the first step to becoming compliant with an applicable NIST mandate. You will protect any existing contracts you already have, plus gain a competitive advantage for future business.
In order to protect the privacy and security of consumer health care records, healthcare organizations may need to comply with the HIPAA mandate. A HIPAA assessment measures your compliance to HIPAA security rules.
The results of a HIPAA audit include a master HIPAA policy and procedures document, HIPAA risk analysis, HIPAA management plan, and a report detailing evidence of HIPAA compliance.
The Payment Card Industry Data Security Standard (PCI DSS) requires companies that store, process, or transmit credit card information to protect that information to reduce credit card fraud. The PCI DSS assessment checks to see if your company is storing data in a way that meets the requirements of this information standard in the areas of security, data archiving, and accessibility.
As part of a PCI DSS assessment, methods of all types of data storage are analyzed including onsite, cloud, and remote.
Security is not a shopping cart. Network assessment tools are only one part of the process — specific expertise is the other. Cybersecurity best practices require a multi-layered approach that provides visibility into your IT environment.
Using an outside provider to perform the network assessment can save time and money. That outside perspective will be able to deliver expert recommendations that will ensure your IT environment is secure and stays current defending against the latest cyber threats.
Corserva’s network assessment methodology follows industry best practices. Our assessments are performed by our engineers with certifications including CISSP, CISM, CGEIT, CRISC, CEH, and CompTIA Security+.
Our staff bring a wealth of knowledge and experience regarding the specific regulations tied to vertical industries such as manufacturing, financial services, and healthcare. In addition to network assessment services to analyze the performance and security of your IT infrastructure, we can perform wireless network assessments, virtualization assessments, NIST assessments, HIPAA assessments, PCI DSS assessments, and network penetration testing.
Sign up for a network assessment.
At Corserva, we take a holistic approach to safeguarding computer systems and data. Security is the foundation upon which all our solutions are built. Our services are supported 24x7x365 by our own US-staffed technical service centers.