Assessment and Auditing Services

You cannot effectively protect your systems and critical data until you have a clearly understand what and where these systems and data reside. Additionally, you cannot think of this as a one time process. You must continually, and regularly, reassess the environment to ensure you have a current actual view of this landscape. Once you have a process that provides an updated view of the landscape, you must then also create a process to also identify, monitor, and inspect the security controls themselves to include testing their functionality as any changes in configuration or effectiveness that may have occurred.

Your environment is a living system. Patches, configuration changes, user and group rights, network paths, device and application additions and decommissions all take place on an ongoing basis. This makes it difficult, but not impossible, to paint this landscape. In order to effectively inspect and monitor these changes and also obtain the information required to effectively react to the changes, you need to consider the following technologies and services:

  • Patch Management (for endpoints, security, and network devices)
  • Software and OS deployment and monitoring (for endpoints, security, and network devices)
  • Vulnerability Assessment Systems (to actively identify exposure to risk)
  • Penetration Testing Services (To identify actual compromise potential)
  • Change management tools and processes
  • Policy audit Tools
  • Personnel Training

More Information:

For more information on how Priveon can assist with your assessment or audit, please contact us.