Threat Center Security News What is an Internal Network Risk Assessment?
What is an Internal Network Risk Assessment? Print E-mail
Written by Rebecca Mints   
Tuesday, 08 April 2008 10:49

An internal network risk assessment is a very in-depth review of the overall security of your network.  The primary objective of the assessment is to provide recommendations that maximize privacy, reliability and availability protection of the operating environment.  However, while security advice greatly focuses on data and information protection on servers, equal attention needs to be given to all hosts in an environment.  Like most things, your security is only as strong as the weakest link.  An  internal network risk assessment can take anywhere from five to 30 days to complete, and upon completion, comprehensive knowledge of a site’s risk will be gained and mitigation discussions may follow.

 

Our internal network risk assessment is comprised of five phases:

 

I. DETERMING SCOPE
Assessing who needs to play a role in the process, which IP's will be scanned, what resources will be needed, and notifying all the proper groups throughout your company when the scan will be taking place.
II. DISCOVERY
Detecting what is "alive" on the network.
III.
ASSESSMENT
Assessing what was discovered in phase II; this is when we scan for vulnerabilities.
IV.
VERIFICATION
Verifying what was assessed in phase III; ruling out false positives.
V.
REPORTING
The results of the scan.  Two reports are created; an executive and a technical.

 

This is just a brief summary of the processes we follow throughout a network assessment. For more information please fill out our Services Inquiry Form or visit the Help Center to contact one of our representatives.
 

WTW Threat Level