IT Security Assessment
An IT Security Assessment is a great way to take an inventory of what your needs are in IT Security. Whether you must comply with regulatory requirements, including HIPAA and PCI, or are concerned about your IT Security, consider an IT Security Assessment as a starting point to see how your company is protected today.
If you perform an IT Security Self Assessment, the Computer Technology Industry Association, CompTIA recommends you ask yourself some of the following questions:
Data Types and Storage
- Do you store Private Health Information (e.g. HR records). If so, how many records?
- Do you store Personal Financial Information (e.g. SSN, date of birth, account Information, banking information). How many records?
- Do you store credit card data? How many records?
- What is the nature of your confidential intellectual property?
- Where do you do business – state, national, international?
- Where are backup devices (tapes, drives) stored? In a secured area?
Company Information
- What is your tolerance for downtime (for the most critical applications)?
- Do you carry breach insurance?
- Do you carry liability insurance?
- Have you had a breach in the past three years? If so, what were the consequences?
Security Processes
- Do you have written security policies and procedures?
- Do you perform internal audits? How often?
- Do you perform external audits? How often?
- Do you perform vulnerability checks? How often?
- Do you regularly review policies and procedures?
- Do you have an incident response plan?
- Do you have employees working from home?
- Do you have encrypted hard drives? Removable media?
- Do you control and log privileged access?
- Do you have a mobile device strategy?
These are some of the questions you should ask yourself when you perform an IT Security Self Assessment. For a complete IT Security Assessment and network health check, contact your IT Service Provider today.