A network security audit seeks to determine the effectiveness of network security, as a precursor to resolving underlying network security issues. A network security audit is part of an overall information systems audit framework that includes application software audit, operating system audit, and business audit.
Identifying Network Vulnerabilities
The first step in a network security audit is identifying system vulnerabilities or threats.
Data transmitted to or from any networked system remains susceptible to interception. Possible ways by which hackers intercept data include infecting the systems in the network with Trojan horses or viruses, email spoofing, and other methods.
A second vulnerability associated with networks is availability. Networks remain susceptible to attacks such as Denial of Service (DoS). However, a network has also been known to collapse without any deliberate external attack if it is loaded with data and users beyond its capacity.
The critical weak points of a network are its access points, or individual end user systems. Network security is interdependent, and weak end user access points place the entire system at risk. Unauthorized access points created by users pose the most serious risk.
Controls
The second dimension of a network security audit is evaluating the controls in place to resolve the vulnerabilities.
One level of control is physical: checking access points, including network wiring and distribution points. A far more effective method, however, is ensuring encryption of data during transit. The methods of encryption are numerous, and include using digital signatures and digital certificates, or using a virtual private network (VPN).
Controls related to ensuring availability of service are good network architecture and monitoring, through methods such as data capability management. For instance, the availability of redundant paths and automatic routing allows traffic to be switched to an available path without loss of data or time, especially if one path becomes unavailable. This also helps to resolve bottlenecks.
Controls related to access points involve accepting only certain types of traffic, restricting the performance of certain actions by location, and more. They are implemented through changes in configuration settings and through devices such as firewalls and anti-virus software.
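As an added illustration (not part of the original article), the following Python sketch shows how an auditor might test the access-point controls described above: it checks a firewall ruleset against a policy that accepts only certain types of traffic and restricts some services by source location. The policy, the rule format, and the function names are assumptions made for this example, and the ruleset is constructed sample data.

```python
from ipaddress import ip_network

# Assumed policy: approved inbound service -> widest source network allowed.
POLICY = {
    ("tcp", 443): ip_network("0.0.0.0/0"),   # public HTTPS
    ("tcp", 22): ip_network("10.0.5.0/24"),  # SSH from the management subnet only
}

# Constructed sample ruleset, evaluated top to bottom.
RULES = [
    {"id": 1, "action": "allow", "proto": "tcp", "port": 443, "src": "0.0.0.0/0"},
    {"id": 2, "action": "allow", "proto": "tcp", "port": 22, "src": "0.0.0.0/0"},
    {"id": 3, "action": "allow", "proto": "tcp", "port": 23, "src": "10.0.5.0/24"},
    {"id": 4, "action": "allow", "proto": "any", "port": None, "src": "10.0.0.0/8"},
]


def is_default_deny(rule):
    """True if the rule denies all protocols and ports from any source."""
    return (rule["action"] == "deny" and rule["proto"] == "any"
            and rule["port"] is None and ip_network(rule["src"]).prefixlen == 0)


def audit_rules(rules, policy):
    """Return (rule_id, finding) pairs; rule_id is None for ruleset-wide findings."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        service = (rule["proto"], rule["port"])
        src = ip_network(rule["src"])
        if rule["proto"] == "any" or rule["port"] is None:
            findings.append((rule["id"], "allows every protocol or port"))
        elif service not in policy:
            findings.append((rule["id"], "service not approved by policy"))
        elif not src.subnet_of(policy[service]):
            findings.append((rule["id"], "source wider than policy allows"))
    # Traffic that matches no rule must be dropped by a final catch-all deny.
    if not rules or not is_default_deny(rules[-1]):
        findings.append((None, "no default-deny rule at the end"))
    return findings


if __name__ == "__main__":
    for rule_id, finding in audit_rules(RULES, POLICY):
        print(rule_id, finding)
```

On the sample data, rule 1 passes, rules 2 to 4 are each flagged for a different reason, and the ruleset as a whole is flagged for lacking a final default-deny rule.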
The Audit Process
The basis of the audit is the nature of data handled by the network and the level and extent of security required, as specified by the overall corporate network security policy.
The audit process entails a thorough review of the network, including the system architecture, the use of software and hardware, the relevance of the tools used to perform specific actions, the connections to external networks, access control and privileges for users, the nature of checks and balances in place, and more.
A periodic network security audit is indispensable for the smooth and seamless functioning of networks. In an increasingly connected world, where the very existence of businesses depends on real-time interactions with suppliers, customers, and others, it becomes a fundamental exercise to ensure the protection of business-critical information.
