The challenges of IT security assessment
Ingram Micro remains one of the world’s leading technology advisors and providers. In a world where the information held by companies is potentially at its most vulnerable, Ingram Micro is recommending security solutions to its customers. ThinkTech caught up with Ingram Micro’s Cyber Security Director, Marc Kassis, who has a very clear view of the top questions that we should all be answering before embarking on a true security solution.
Before you can be comfortable with any IT Security solution, you first need to know what the challenges are, where the gaps might be and what the current IT security practices are.
To help you qualify the solution and guide the process, here are the top 10 questions you need to ask before you start the IT security assessment:
1. Do you have a clear picture of your overall security posture and of how it relates to industry best practices? Most customers don’t know IT security best practices and therefore have no real plan in place. This could be your opportunity to design a process for evaluation that works in tandem with your hardware and software solution.
2. Do you currently conduct security assessments, such as penetration tests on a bi-annual basis? This question can also help you to stress the need for regular security check-ups and ongoing evaluation of their network security.
3. How realistic is your plan for addressing the security gaps that you might have today? This helps you gauge not only what gaps they are aware of, but how serious they are about addressing those gaps.
4. Do you have an established process to address computer security breaches? Again, most businesses don’t have any process for responding to breaches. Take this opportunity to help them craft a response, and take time to train them on the process.
5. How confident are you of your ability to demonstrate compliance? This is huge. Compliance is mandatory, and your customers should always understand how their security integrates with their industry compliance requirements.
6. Are you collecting security logs from your servers, firewall, routers, switches and endpoints, and how (and how often) do you review and evaluate those logs to look for security issues? Is your process manual or automated? This question allows you to determine what, if any, security measures are currently being taken. It also allows you to emphasize the importance of collecting security logs and to help them understand how to conduct a review that identifies possible threats.
7. What kind of hardware, software or process are you using to detect, intervene against and terminate highly dangerous malware, such as ransomware? More and more, this question will become relevant to every customer you serve. Ransomware is on the rise, and your customers need to prioritize a response.
8. Who has access to full unrestricted administrative passwords on your IT system? You’d be surprised how seldom those passwords get changed when an employee with access leaves the company. Or maybe you wouldn’t. The important thing is to make sure your customers aren’t surprised when those former employees log in and compromise their systems.
9. How much time is being lost to UserID/password tech support calls and issues? Answering this question for your customers is vital to demonstrating how important it really is to streamline this common issue in terms of OpEx.
10. Is your storage self-encrypting? Is it encrypted at rest and in transit? Is your data backup protected from ransomware? These questions allow you to have a serious conversation with customers about the need for encryption of their at-rest data and the importance of protecting their backup data in the event of an attack.
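As an added illustration of two of the questions above, the automated log review and the unrestricted administrative access that outlives an employee, the following Python script (written for this page, not Ingram Micro's or ThinkTech's code) runs three simple checks over constructed syslog-style authentication lines. The offboarded-account list, the privileged account names and the management-network prefix are assumptions a real deployment would take from its own HR and network records.

```python
import re
from collections import Counter

# Constructed syslog-style sample lines; hosts, users and addresses are invented.
SAMPLE_LOG = """\
2024-03-01T08:01:10 srv-db01 sshd: Accepted password for admin from 10.0.5.21
2024-03-01T08:03:45 fw-edge01 login: Failed password for root from 203.0.113.7
2024-03-01T08:03:47 fw-edge01 login: Failed password for root from 203.0.113.7
2024-03-01T08:03:49 fw-edge01 login: Failed password for root from 203.0.113.7
2024-03-01T09:15:02 srv-file02 sshd: Accepted password for jdoe from 10.0.8.14
2024-03-01T22:40:19 srv-db01 sshd: Accepted password for admin from 198.51.100.9
"""

OFFBOARDED = {"jdoe"}               # assumed: accounts of people who have left
ADMIN_ACCOUNTS = {"admin", "root"}  # assumed: shared privileged accounts
MGMT_PREFIX = "10.0."               # assumed: management LAN admins log in from
FAILED_THRESHOLD = 3                # failures from one source before flagging

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) \S+: (?P<result>Accepted|Failed) password "
    r"for (?P<user>\S+) from (?P<src>\S+)$")

def parse(lines):
    """Yield one dict per recognised auth line; unrelated lines are skipped."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield m.groupdict()

def review(log_text):
    """Return sorted (rule, host, user, src) findings for the three checks."""
    findings, failed = set(), Counter()
    for e in parse(log_text.splitlines()):
        key = (e["host"], e["user"], e["src"])
        ok = e["result"] == "Accepted"
        if ok and e["user"] in OFFBOARDED:
            findings.add(("offboarded-login",) + key)
        if ok and e["user"] in ADMIN_ACCOUNTS and not e["src"].startswith(MGMT_PREFIX):
            findings.add(("admin-login-outside-mgmt",) + key)
        if not ok:
            failed[key] += 1
            if failed[key] == FAILED_THRESHOLD:  # flag once, not on every further try
                findings.add(("repeated-failures",) + key)
    return sorted(findings)

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(*finding)
```

The sample produces one finding per rule: a shared admin account used from outside the management network, a login by an offboarded user, and a run of failed root logins against the firewall that a twice-yearly manual review would not catch in time.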