1
IT Governance
IT governance sets the foundation for an enterprise’s IT security posture. It requires an IT Steering Committee; IT policies, procedures, standards, and guidelines; and performance measures and metrics.
MUST-HAVE ITEMS
MODERATELY SECURITY-FOCUSED
EXTREMELY SECURITY-FOCUSED
1/1 IT Governance (Click Box If Yes)
2
WAN/MAN
Wide area networks are primarily associated with organizations that have multiple remote physical locations requiring direct connections to the enterprise’s core network. This section focuses on security and controls surrounding WAN and MAN.
1/1 Remote Organization Location (Click Box If Yes)
3
Internet
All organizations have an Internet presence, Internet access, and third-party connections, such as cloud providers and strategic partners. This section focuses on the security and controls surrounding an organization’s Internet presence.
1/5 Internet Presence (Click Box If Yes)
2/5 Remote User Access (Click Box If Yes)
3/5 Site-to-Site VPN (Click Box If Yes)
4/5 Cloud Providers (O365, Box, Google, SF) (Click Box If Yes)
5/5 Remote Vendor Access (Click Box If Yes)
4
ISP and Next-Gen Firewall
All organizations with Internet access have an Internet service provider (ISP) and a firewall to protect them from bad actors on the Internet. This section provides important security and controls related to the ISP and the Internet-facing next-generation firewall.
1/2 Internet Router – ISP Managed (Click Box If Yes)
2/2 Next-Generation Firewall (Click Box If Yes)
5
Web Application
Many organizations enable customers to interact with them via a web application. Securing web applications has become a critical component of securing an enterprise’s overall technology environment. This section provides basic controls for securing web applications.
1/2 Web Application Firewall (Click Box If Yes)
2/2 Web Applications – User Provisioning (Click Box If Yes)
6
Core Router and WIFI
In this section, we begin to evaluate the internal network. A properly configured core router/switch is the start of a secure internal computing environment.
1/2 Enterprise Core Router (Click Box If Yes)
2/2 Enterprise WIFI Network (Click Box If Yes)
7
Active Directory
Typically, a network has a directory service technology, such as Active Directory, and a network access control (NAC) solution. In addition, there is an access layer switch and defined user VLANs. This section provides important security and controls related to Active Directory, NAC solution, and access layer switching.
1/4 Active Directory (Click Box If Yes)
2/4 Network Access Control (Click Box If Yes)
3/4 Distribution-Layer Switch (Click Box If Yes)
4/4 User VLAN (Click Box If Yes)
8
Server Farm VLAN
The final section of this high-level hardened enterprise network assessment focuses on enterprise applications and network storage. Effective data security is one of an enterprise’s most valuable assets. These questions provide insight into how the enterprise protects its data.
1/3 Server Farm VLAN (Click Box If Yes)
2/3 Enterprise Applications (Click Box If Yes)
3/3 Enterprise Storage (Click Box If Yes)

ASSESSMENT COMPLETED!

Thank you for completing the high-level assessment.

We hope you find this information helpful in improving the security posture of your technology environment. If you have any questions, please contact us.