Cybersecurity Infrastructure Checklist
By Michael Hotchkiss, Chief Technology Officer
Pretend for a moment that you are managing a Fortune-500 company's IT Security department. What would your team look like? What kind of hardware would you have? What kind of software? What kind of balance should you have, given that EVERY company is trying to make every dollar go a little further. We can start making a roster once we know what positions we need to fill. Here is a typical list of positions that must be filled in any mature IT infrastructure:
Our Cybersecurity Infrastructure Checklist:
1. Internet Service Provider
- What kind of internet access should I have?
- Do I need redundancy?
- What service level can we afford?
2. Firewall
- Do I need redundancy?
- Will users need to VPN in to my network remotely?
- Do I have staff that can implement and maintain all the features we need?
- How much traffic will be going through this firewall?
- How many networks am I securing?
3. Intrusion Detection/Intrusion Prevention (IDS/IPS)
- How do I know if my network has been compromised?
- What happens if my IDS/IPS has a false positive? False negative?
- Who is notified?
4. Web Usage Monitoring
- Where are my users going on the corporate internet connection?
- Are known malicious sites blocked?
- Can you block specific sites quickly?
- Should you decrypt HTTPS connections?
5. Security Information and Event Monitoring (SIEM)
- Are all my events logged to a central repository?
- Am I able to quickly search for events in a single location?
- Can I correlate events from disparate devices to determine if our organization is under attack?
- Are my logs sufficient to investigate a Cybersecurity incident after it takes place?
6. Security Awareness Training
- Are my users trained to avoid clicking on suspicious links?
7. Endpoint Security
- Which endpoints need to be protected?
- Is this anti-virus only, or anti-malware as well?
- Is there a performance impact with endpoint security software
Conclusion
These are broad strokes that cover a wide range of cybersecurity needs - you will need to decide what products and services fit your needs.
If this seems too overwhelming, Asgard is here to help.