Over time any organization’s network infrastructure changes. These changes are due to organizational needs, process changes, resource needs, and many other factors. Typically, these changes are looked at from a tactical standpoint. How do we get from point A to point B as seamlessly as possible? In many cases, security is an afterthought. Network and System changes take place and inadvertently open holes or attack vectors without the knowledge of current systems owners. Even the implementation of best of breed advanced security technologies won’t help if the underlying security architecture is flawed.
Shield 7 helps organizations with its Security Architecture Reviews, by conducting a systematic examination of the all the layers of an organization's network. We will examine the existing network topology and deployment of the security controls within the organization like firewalls, IDS/IPS, network segmentation and make recommendations to increase the effectiveness of the security controls.
Some of the aspects that will be examined are:
• Review latest Threat Risk Analysis report.
• Analysis of current IT network, information flow according to business requirements and points of access to information.
• Analysis of current security controls and procedures for various security management areas.
• Analysis existing network security architecture, including topology / configuration, and security components / features.
Based on the observations made, our consultants will provide an assessment of the existing security controls and make prioritized recommendations on improvements and/or additional controls to meet specified security policies and to mitigate all the threat vectors. Defense-in-Depth principles will be used to ensure security controls are applied for information transport, and access to networks, hosts, applications and data.