© Copyright Global IT Technologies PTY LTD 2005

 


IT SECURITY
Security: it’s a process, not a product

Whilst the Internet and widespread connectivity has transformed the way we do business, it has opened the door to ever increasing security threats. You need to keep the unknown and unauthorised out, whilst maintaining the ability to give access to authorised users, trusted customers, suppliers and mobile/remote users.

Global IT offers a range of network security services including:
• Security infrastructure design and policy development.
• Security auditing, including penetration testing.
• Security technology implementation
• Managed security services

The threats are constantly changing and therefore your network security must be an ongoing process in order to remain secure.

There are many elements of network security and a layered approach is generally the most secure. However whilst there are great Security technologies on the market today, the keystone to secure networking is definition and implementation of an effective security policy.


Security Audit :

Global IT's Network Security Audit comprises a number of components that can be used individually or as a package to meet your unique security needs.

The objective is to identify areas of vulnerability throughout the corporate network and to assess if the practical application of security measures within the company is aligned with the security policy. Our consultants complete a gap analysis to establish where the client is now and where they need to get to, to achieve their security requirements.

The deliverable is a report, which provides a comprehensive overview of your current network security, identifying potential issues and recommendations to overcome them. The duration of the audit will be based on the scope of the areas to be audited and whether involvement is required to action identified problems.

The security audit typically includes:


Analysis of security from within the network
Connecting to the network from several internal points enables us to assess the protection against attacks from within the organisation. This analysis may also include the configurations of internal firewalls, routers and other network elements.

The areas that are audited include:

• Desktop and user control through the use of Passwords, Policies, Profiles, Scripts and User Rights to identify any potential weaknesses or excessive rights.
• The use of Group Strategies.
• The organisation of Applications and Data on the Servers
• Virus Protection, Detection and Removal at the desktop & server
• Web content management policies to ensure only appropriate sites are viewed by users.
• Review of segmented LANs with the use of VLANs or IP subnets


Analysis of security from outside the network

A network with no connection to the outside world is a rarity in today’s business environment. Any connection allowing traffic into or out of your network provides hackers with a door to your systems and business data

The Global IT Security Audit examines all access points to determine if the operational environment fulfils security guidelines detailed in the security policy, whilst maintaining the functionality requirements.

The analysis includes:

• Firewall and router configuration, rule sets, access lists and patching levels
• The manner in which Remote Access is granted
• Level of network access granted to authorised remote users
• Security Issues in Remote Data Transfer
• Examine extent of Network access available remotely
• Examine extent of exposure to Viruses from Email and via Web.
• Virus Protection, Detection and Removal at the gateway & mail server.


Penetration testing

Sometimes called Ethical Hacking, the GlobalIT Penetration Test involves us posing as a potential hacker. Agreed in advance with the customer, servers and other components of an Internet service are attacked utilising different tools and techniques including
• Port scanning
• Scanning of active hosts
• Assessing firewall defences
• Investigate router vulnerabilities
• Examine DNS server configuration
• Identify any unnecessary information leakage
• Ethical exploit attempt of known vulnerabilities

This service is available as a one off consultancy project, however we recommend quarterly or monthly penetration testing, to ensure your systems are secured against the new threats appearing everyday. Each test includes provision of a detailed report of findings and recommendations for closing any vulnerabilities, which are graded according to severity. The scheduled service can be combined with our vulnerability notification and patch update service ensuring your servers are always at the correct security patch levels.


Backup and Disaster recovery

Data loss, whether accidental or due to a security breach can have serious implications for any organisation today. Maintaining regular and complete backups is a vital element of your security strategy. Our consultants review the frequency, storage and testing of backups to establish a procedure that will minimise the risk of losing data. Disaster recovery procedures are also examined to ensure there is a formal process for dealing with a security breach


Physical security and administration audit.

Investment in technology to secure your business data could prove to be futile if the physical security is overlooked. The Fordway Security Audit includes a review of access to the building, any machines on the corporate network and the servers/comms room.

Ongoing maintenance and administration of the security strategy is necessary due to the constantly evolving threats. Our consultants examine the maintenance processes and practices and will identify who is responsible for the ongoing maintenance to ensure that the operational activities support the technical solutions

Successful network security is a combination of policy, technology, process, education and continual management. There are some great security technologies on the market today and Fordway partners with key players in this area.


Firewall

A firewall enforces a boundary between two or more networks by forcing inter-network traffic through a centrally managed choke point or set of choke points. Traffic attempting to cross this threshold is subject to a set of rules, if it does not meet the criteria it is not permitted through.


Antivirus

Rules are detailed in your security policy, which can be defined to allow or deny protocols, IP addresses, Domain Name Service domains or individual users. Policies are flexible and can be updated as the network evolves. The firewall enforces the policies.


Content Filtering

Firewalls are a cost-effective way to add security to a network. They concentrate network control in a small number of systems easily managed by a few administrators. Most firewalls can also provide a permanent record of network activity through a logging capability that can monitor inter-network traffic and alert administrators to problems


Authentication

Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. With increasing levels of remote working and electronic trade, both of which are becoming more important to business, you need to ensure that the person accessing your systems or placing the order is who they say they are and have the authority to do this,

The most common form of authentication is logon passwords. Knowledge of the password is assumed to guarantee that the user is authentic. Whilst being widely used, passwords are not considered a very strong form of authentication. Passwords that are easy to remember are equally easy to crack using simple and widely available hacker tools. The next level of authentication is called Two factor authentication, which comprises a password plus another form of identification that can be independently verified

For organisations requiring a higher level of security, such as for financial transactions, the use of digital certificates issued and verified by an Independent Certificate Authority (ICA) as part of a public key infrastructure is likely to become the standard way to authenticate on the Internet.


VPN

Virtual Private Network (VPN) technology provides a private, encrypted tunnel through the public Internet space and presents a great alternative to expensive fixed links connecting remote offices.

VPNs also offer a great opportunity for secure remote working, enabling you to give your users the flexibility to work where and when they need to, with full access to their desktop applications and network resources. VPN is now more effective than ever for remote working, with ADSL connectivity giving decent bandwidth at low cost.

The basic components of a VPN – encryption, keys, digital signatures, authentication and tunnelling ensure security and integrity of data as it travels across the public network. One time password technology can heighten this security further.