Think Information. Think Security.
Network auditing plays a key role in the ongoing management and maintenance of your information systems. A proper network auditing program can help to maintain your systems security and your knowledge of what’s running on your network. It can also keep you from running afoul of any licensing issues.

Here are the five most important reasons to perform network auditing:

 1. Vulnerabilities

Use network auditing to assess the security of your systems and identify vulnerabilities. These can include unapproved services, weak or blank passwords, or open shares, and can be used to assess both workstations and servers. Identifying these issues is that first critical step towards remediating them.

 2.   Patch Management
Network auditing can play a key role in your patch management efforts as well. Use your network auditing reports both to identify those systems that need to be patched and also to confirm that patches have been deployed successfully.

 3.   Hardware Inventory
Network auditing can help you maintain an up-to-date inventory of all the hardware on your network so you know exactly what you have  and can therefore enable you to easily make hardware related decisions, such as which systems are getting old and need to be updated to keep up with the ever increasing work load. Periodic hardware inventories can also be useful for security, as in the case of unauthorized devices such as rouge access points which can be a serious red flag that warrant immediate attention.

 4.   Software Inventory
Speaking of software, knowing what is running on your workstations and servers is just as important as knowing what hardware is running. How many XP machines still need to be upgraded? Who is still running Office 2003 or hasn’t updated their PDF reader since 2009? Network auditing can give you a clear and complete view into what software is installed on your workstations and servers so you know just what you have, what needs to be patched, and…

 5.  Compliance
…what licenses you need. One of the most useful things network auditing can assist you with is your compliance activities. You can quickly and easily ensure that all systems are compliant with your internal policies, and can also be sure that you have licenses for all the software in use on your network. Too often companies find out only too late that an open share enabled everyone in the company to install software that was only licensed for one or two users, and have to scramble to true up.

Network auditing may sound like an arduous task but, with the right tools and the right approach, it can be an easy to perform and critical aspect of your network management. If you are not yet performing regular network auditing, use these five important reasons to convince management it’s time to start.

Cross-posted from: Infosec Island

Leave a Reply.