Step 3: Let everyone know that problems will likely occur

You don't know everything about every system you need to test for security flaws. Get others engaged in security assessments; they'll be more likely to help you if trouble arises.

Speaking of trouble, it's pretty much guaranteed that something unplanned is going to happen during your testing.

This is arguably the most important yet most overlooked area of performing security assessments. Windows accounts may get locked, services may stop responding or the business Internet connection may slow to a crawl. You could accidentally schedule your testing tools to run scans at the wrong times. You may even have trouble using one of your security tools that delays the testing and throws the entire testing window off.

Don't let the words, "It'll be all right," become forever branded onto your name or career. It's better to tell people up front that stuff like this may very well come up. They'll know to be on the lookout and won't get caught off guard.


Setting your Windows security assessment expectations

 Home: Introduction
 Step 1: Determine the business goals
 Step 2: Get input and information from others
 Step 3: Let everyone know that problems will likely occur
 Step 4: Let your testing be known and keep people in the loop
 Step 5: Report what happened

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments involving compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He also created the Security On Wheels series of audiobooks. Kevin can be reached at kbeaver@principlelogic.com.

 

This was first published in March 2007

Dig deeper on Endpoint security management tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close