Computer Forensics Lab
IT Audits & Assessments
The general definition of an audit is an evaluation of a person, organization, system, process, enterprise, project or product. The term most commonly refers to audits in accounting, but similar concepts also exist and play a precise role in your IT environment.
The purpose of an assessment is to measure something or calculate a value for it. Although the process producing an assessment may involve an audit by an independent professional, its purpose is to provide a measurement rather than to express an opinion about the fairness of statements or quality of performance. As a general rule, audits should always be an independent evaluation that will include some degree of quantitative and qualitative analysis, whereas an assessment implies a less independent and more consultative approach.
An information technology audit, or information systems audit, is an examination of the management controls within an Information technology (IT) infrastructure. The evaluation of obtained evidence determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively to achieve the organization's goals or objectives. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.
From the small business to large enterprise, Cyanre has a variety of audits and assessments in order to help shape, guide and maintain your IT environment.
Compliance and Standards Assessments
This service has been developed for businesses in which there is a need for the IT infrastructure (particularly business servers) to comply with various regulatory standards such as ISO, HIPAA, GLBA or other standards, but where the business is either lacking in the requisite knowledge or sufficient resources (or both) to achieve such compliance.
Using our Netclarity Hardware Auditor we deliver an initial assessment of the current state of the environment, internal or external. We assess and assist in repairing vulnerable areas until the audit passes the related standard requirements. There is sufficient documentation to help you review the results, but we will also gladly assist you to refine and update policies and related documentation for your business. Key features that Netclarity Auditor provides are:
- Vulnerability Management Identification.
- Track and Log Network Assets while auditing.
- Finds and Reports on Thousands of possible weaknesses through a non-invasive Audit.
- Quarantine Dirty, Weak or Un-trusted Systems.
- Cleanup and Harden Trusted Network Assets.
- IT Regulatory Compliance.
- Generate Regulatory Compliance Gap Analysis and Differential Compliance Reports including the Latin American banking standards.
- Auditing and policy builder for VISA/MasterCard PCI, GLBA, HIPAA, CFR21-FDA-11, SOX-404, EO13231, Gov. and International (ISO27001/17799) compliance.
Electronic Asset and Software Compliance Assessments
Being in a position to know exactly how old the equipment on your network is and what you have in your IT environment will assist in your decision making, budgeting and overall IT wellbeing. Using client-server based software we will audit each network workstation's or server's hardware and software profile. Our special audit licenses allow us to provide the product as a service to our customers at a very affordable rate.
The Software Agent Technology ensures that, no matter where globally the assets are located, or which platform they are running on, IT and business managers have full visibility of all resources. Any new hardware or software added to the network is automatically recognized and added to the asset repository.
A failure to understand how the IT assets on the corporate network are being used can have serious financial, security and productivity issues. The Software IT audit and network inventory solutions help organizations address key IT management challenges.
- Full PC audit and hardware discovery.
- Software discovery and usage tracking.
- Automatic discovery of new IT assets.
- Dynamically-updated network inventory.
- Track Software Usage, see which Users are actually using a product.
- And the most important one, using the data obtained to determine your software compliance.
Discover, audit and track all hardware assets (from PC and servers to managed switches) and installed software, across all locations on your network. As an optional service we offer our team to assist with the tedious job of cataloging and filing all software media and licenses obtained throughout the years.
The electronic assessment entails using a combination of tools, both hardware and software based. The main product which we use for discovery and trending of the utilization of the network is Protocol and Integrated Network Analyzer. The necessity of such an assessment is clearly understandable in the report, which includes the following:
- Network Diagram - Using SNMP information, a simple logical diagram showing switch and server connections is provided.
- Network Discovery - All connected devices such as switches, routers, workstations and printers.
- Network Utilization - Per port in a managed switch environment and global in a hub environment.
- Network Errors - Per port in a managed switch environment and global in a hub environment.
- Configuration Issues - Incorrect IPs, Subnet masks, and Duplicate IPs.
- Network Structure - IP Subnets, IPX Nets, and NetBIOS Domains.
- IP Inventory - Complete assessment of IP Addresses and Subnet masks.
- IPX Inventory - Net name, Mac to IPX, Duplicate IPX, IPX encapsulation, and IPX routing.
- NetBIOS Inventory - Domain names, NetBIOS to IP, Windows OS, Duplicate NetBIOS, and IP, IPX, and NetBEUI protocols.
Diagrams and Drawings
Using both hardware and software based equipment we can extract the required information from your network switches and provide adequate network drawings of actual connected devices. This capability is possible only with network switches that have SNMP (Simple Network Management Protocol) installed on the operating firmware of the switch. We can supply loan network switches to those customers who do not have the capability on their current switches and assist in providing the same drawing result.
Device discovery can help you in two major ways: determining who and what is on the network, and helping to manage your electronic assets. Knowing what is connected to your network is an important security risk management factor for any organisation; knowing who and what is on the network helps you to manage and secure your resources. Having a clear registry of the electronic devices connected to the network can help manage your asset register and assist with financial planning.
The aim of this assessment is to identify the network interface (Ethernet) with the highest average utilization. This indicates the bandwidth utilization of the specific network interface. Please note that a lot of serial connections are listed under the top 10 interfaces; analysis is done on the Ethernet interfaces for the purpose of this document. Bandwidth is the transmission capacity of an electronic pathway such as a communications line, computer bus or computer channel. Network utilization is the ratio of current network traffic to the maximum traffic that the port can handle. Through monitoring network utilization, we can understand whether the network is busy, normal or idle and identify devices that cause high utilisation. High utilisation from devices can cause other network resources to become unresponsive or, in worst-case scenarios, cause major downtime. Devices like faulty network switches, routers, old network interfaces on computers or a simple network fly lead may have a negative effect on your network health.
Conflict and Error Detection
The aim of this assessment is to identify the network interface with the highest average error rate. The error rate indicates the number of errors experienced during transmission and is expressed as a normalised average error rate of utilised bandwidth.
LAN Cable Verification Tests
In copper twisted pair wire networks, copper cable certification is achieved through a thorough series of tests in accordance with Telecommunications Industry Association (TIA) or International Organization for Standardization (ISO) standards. These tests are done using a certification-testing tool, which provides “Pass” or “Fail” information. While certification can be performed by the owner of the network, certification is primarily done by certified cable test technicians. This certification allows us to verify and warrant your network cable infrastructure and the quality of work provided by your installer.
Chat and Porn Assessments
ERT (Emergency Response Tool) for business and education can help employers, managers, and administrators deal with the problem of pornography in the workplace or within a school. Simply asking a HR professional, manager or IT admin to investigate a suspect computer without safety tools is no longer acceptable and potentially creates additional liabilities.
By using safety tools, the metadata information window, and reports, a determination can be made on the nature of a file without ever having to see the entire image or exposing the user to explicit material.
Highly mobile and completely cross-platform compatible, ERT is the ultimate tool for performing first-response, triage, and consent searches. You can protect yourself, your employees and your company from potential legal liabilities, while boosting productivity and conserving the use of important company resources (computers, bandwidth, etc.). The initial installation, configuration, scans and reports will be done by Cyanre, after which the application will be the property of the client.
IT Support and Security Assessments
Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. The goal of a security assessment (also known as a security audit or security review) is to ensure that necessary security controls are integrated into the design and implementation of a project. A properly completed security assessment should provide documentation outlining any security gaps between a project design and approved security policies.
Cyanre offers the assessment phase to help determine the best viable solution. Using the results obtained, we can provide an overview of areas for improvement or confirm that compliance has been maintained.
Most IT security services life cycles provide IT security decision makers and managers with a six-phase process by which they can select, implement, and manage IT security services. IT security services life cycles have both a linear and an iterative component. The life cycle proceeds linearly from initiation to implementation, but the assessment, solution, and operations phases must continually occur for an IT security service to succeed. Cyanre assesses on both an internal and an external level. The difference is that we can assess certain hosts without being a threat to business continuity; detecting vulnerabilities and assisting to close them is far more productive and logical.
Wireless Perimeter Assessments
The aim of this assessment is to verify legally installed wireless access points and devices within your environment. This assessment helps confirm rogue wireless devices that may have been installed on your network and that can open your network to external threats. Wireless technology today is freely available to consumers and can end up within your environment without you knowing. By frequent verification you can ensure the safety of your information.
Internet and Email Monitoring Assessments
All our basic communication today is through either email or internet information exchange. Everything from business to personal information runs through the internet, and managing it is becoming more and more problematic.
Using our monitoring solution we can help you review the communication going in and out of your organisation. The captured analysis will assist in determining possible solutions for your organisation to put in place to keep organisational information from reaching unwanted sources and to help control information exchange between your users.
Performing a policy assessment is the first step in tackling the review of an existing policy portfolio, or even the development of a new single policy. Our IT Policy Assessment will allow you to:
- Create a centralized IT policy inventory.
- Review individual IT policies against quality criteria.
- Assess the gap between the current and target state of the policy portfolio.
- Evaluate and prioritize the work effort required to fill the gap.
- Measure the impact that policy changes will have on the enterprise.
- Identify gaps in your policy portfolio and develop a shortlist of important policies that need to be amended or created from scratch.
Spyware and Malware Assessments
We deliver a comprehensive anti-malware IT security assessment of your IT environment. We map a customer's malware/virus exposures and threats and define them within a customer's policies, processes, procedures, networks, technology and systems. This gives the customer the benefit of an external anti-malware review of their environment, which analyses and measures their level of virus security against industry standards and best practices. This high-level evaluation will provide a representative list of vulnerabilities, risks, and requirements and related recommendations.