AuditingDionach offer a variety of security audits. These include a packaged network security audit that covers the security perimeter and the primary network servers, bespoke audits covering security perimeter devices, and an audit of the servers, software and databases relating to a particular system.
A security audit by Dionach will document the effectiveness of an organization’s security infrastructure and security policies relating to hardware, software and users.
A standard network security audit by Dionach is comprised of an examination of network topology, an audit of the firewall and server configurations, a review of security policies, and a detailed report of the findings, issues and recommendations.
An audit will demonstrate to management if investment in security is required to reduce risk to an acceptable level, and justifies security budget expenditure. A regular audit will identify any infrastructure of procedural changes that have caused any major security vulnerabilities.
A system will be made up of one or more applications that may run on a variety of platforms and have a variety of front-ends. These applications may rely on different databases and exchange information with each other and external third-parties. The applications will also depend on underlying operating systems and networks.
Depending on the agreed scope, Dionach will audit each part of the system, covering the network infrastructure, hardware, operating systems, applications and databases. The applications will also be tested for security weaknesses.
As core business systems have usually grown over a period of time, for
example from a single mainframe using terminal sessions to multiple component
applications including external web sites for clients, system security audits
usually uncover a variety of serious security issues, both internal and
external. Dionach's recommendations in the audit report aim to provide best
practice and real world solutions to issues discovered.
