Comprehensive Security Audit

  • $399 base price including one server and five workstations. 
    (Free with Proactive Service Agreement )
  • $149 for each additional server and $25 for each additional workstation

You will receive a full report on the results of this audit.  The report will summarize security issues found and will also rank them in order of severity.

Software Blueprint recommends that your security audit include at a minimum your main server and at least three 'typical' workstation.  Only those checks appropriate for the computer role (i.e. server or workstation) will be performed on that computer.

Resources:
Our Security Audit covers the SANS Top 20 items as they apply to your business.

Security Top 20!!

 White Paper: Why Firewalls Fail

Using Microsoft Baseline Security Analyser Software Tool

  • Check that Security Accounts Database has encryption enabled (default is disabled)
  • Check Administrators Group Membership
  • Check that Logon Auditing Enabled
  • Check that Auto Logon is disabled
  • Check that Automatic Updates is enabled
  • Check for Unnecessary Services such as FTP, Telnet, SMTP etc.
  • Check that NTFS File System is being used
  • Check that built-in Guest Account is disabled
  • Check that Internet Connection Firewall is enabled and list of static inbound open ports
  • Check Account Password weaknesses
  • Check disabled or locked out accounts
  • Check Password Expiration policy
  • Check that Restrict Anonymous Users connections is enabled
  • Check for standard Internet Information Server (IIS) vulnerabilities
  • Check for standard SQL Server and MSDE vulnerabilities
  • Check for Current Security Updates in many Microsoft products (Office, Windows Media Player, BizTalk, ...)
  • Check Internet Explorer Security Zones configuration

Review of Data Backup and Restore Strategy

  • Summary of Strategy for Servers / Network / Workstations
  • Frequency of Backup
  • Frequency of Test Restore
  • Error Checking / Logging
  • Is Backup Routinely taken off-site?

External Firewall Why Firewalls Fail

  • Printed 'Hacker's View' of your Network
  • ICSA Certified Firewalls only? www.ICSALabs.com  
  • All traffic is denied by default
  • Specific rules are setup to allow desired traffic.
  • Any firewall features to prevent standard attacks are enabled
  • Firewall logging and notification features are turned on and tested
  • Firewall logs are stored for historical and forensic purposes
  • Password Protected with strong password
  • External logon disabled
  • Review of Firewall Policy
  • Users with Admin Password
  • Change control process
  • Documentation of opened ports; Opened by, Date, Reason
  • Policy to review Firewall logs
  • Patches and Updates to Firewall Firmware

Anti-Virus Software

  • Review Anti-Virus Software on select Servers and Workstations
  • Ensure that Anti-Virus software is updating properly

Servers

  • Documentation of all Internal open ports;
  • Documentation mapping open port to service using port
  • Documentation of all running services; What service and why it's running?; Can it be disabled?
  • Verify proper security template is installed on server 
  • Summarize policy for reviewing Event Logs; Make Recommendations
  • Review of power protection plan for servers
  • Summarize Windows Update for other MS applications Exchange, SQL Server, MS Office, Internet Explorer Identify other non-MS software that may need to be regularly patched; Ex. Veritas, PageMaker, ArcServe

Other

  • Make recommendations to improve Anti-Virus solution / Centralized Management
  • Review company Anti-Spyware solution; Make Recommendations
  • Review Company Password Policy; Make Recommendations
  • Review Company Policy for Software Installations / Administrator Privileges 
  • Review Company Policy for business use of Computers / Internet / Email
  • Perform Wi-Fi Wireless Network Security Risk Assessment
  • Check that Secure physical access to server is properly implemented
  • Recommend plan to remove NetBios and its inherent security risk from your network
  • Check that SMB Message signing is enabled
  • Review of Remote Access / VPN mechanism and associated security risk
  • Review email Anti-Spam solution

Workstation Security

  • Windows Update / Windows Software Update Services
  • Summarize Windows Update Configuration for OS

Local Workstation Firewall

  • Verify that XP Firewall is turned on and properly configured
  • In Active Directory Domain environment verify XP firewall controlled by GPO Local Administrator Account
  • Review policy for making users administrators
  • Review options to run applications with fewer privileges



Contact Info: Phone (800) 840-2499
info@SoftwareBlueprint.com
Software Blueprint IT Consulting
Oceanside, CA 92056