Events that Require an Immediate IT Security Assessment

All Covered has identified the following types of events that that should automatically trigger an immediate security assessment.

November 18, 2011 by Alex Collins

Events that Require an Immediate IT Security AssessmentIn addition to the regularly scheduled assessments and audits that your business includes as part of its security plan, there are other instances where and immediate security assessment should be performed. Security events that require an immediate assessment are events that threaten the confidentiality, integrity, and/or availability of data. All Covered has identified the following types of events that that should automatically trigger an immediate security assessment.

Verified network breach

In the event that a verified security breach has occurred and your business cannot determine if data or any part of the network was modified, your business needs to have a security assessment. Security breaches which should trigger an immediate assessment include, but are not limited to, the following:

  • Actions by an unauthorized user
  • Accidental actions by an authorized user
  • Unlawful actions by an authorized user

Newly discovered application and hardware vulnerabilities

Vulnerabilities are always being identified and your business needs to protect itself. Because many of the newly discovered vulnerabilities don't have fixes, secondary security measures need to be implemented. An immediate assessment will identify the specific scope of the threat to your business' infrastructure and help identify the best secondary solution. To learn about vulnerabilities consult with the following sources:

  • Vendors of hardware and software
  • Trade groups
  • Law enforcement

Lost or stolen computing devices and media

In the event that a laptop, smartphone, backup tape, or other media device is lost or stolen, your business should consider an immediate security assessment if any of the following data types were stored on the missing device:

  • Passwords
  • Network diagrams
  • Firewall and router configurations
  • Wireless network information

Significant modifications to the IT infrastructure

Adding, updating, or removing hardware, software, or firmware can create new security holes within your network. The following modifications should trigger an immediate security assessment:

  • Operating system upgrades on servers
  • New Line of business applications or upgrades
  • Changes in perimeter security
  • Changes in networking equipment
  • Changes to or installation of remote access solutions
  • Modifications to information system platforms such as virtualization, storage, high availability, and public/private clouds

Significant organizational changes

Organizational changes to your company through the departure of key personnel or modifications to risk management strategies or information security policies can affect the security of your company's infrastructure. An immediate assessment will do the following for your business:

  • Ensure that security policies are in alignment with your company's other existing policies and strategies
  • Verify access controls and permissions
  • Validate security controls on information systems when the types of data being processed, stored, or transmitted by your company have changed

Learn more

In addition to the above identified threats which should trigger an immediate security assessment, depending upon the nature of your business and the types of data it handles, there may be other security events that also require immediate attention. To learn more about security events that threaten your business or to schedule a security assessment please contact All Covered.