Have You Scheduled Your Annual IT Assessment?
Like a wellness visit or annual checkup at your doctor’s office, your network technologies need regular assessments to catch any small problems that could become big problems later. IT systems are complex, multi-layered, and often only understood fully by the people who work with them every day. That’s why an IT assessment done by 3rd party experts can help you monitor your network’s health. These experts can explain the strengths and weaknesses of your network, in addition to giving you actionable tips for protecting it in the future.
Why Choose a Professional?
When it comes to IT assessments, an investment in a professional assessor is an investment in the viability of your business. It’s difficult to see problems if you’re looking at them every day. To those who have hosted the same vulnerability since the first day they opened the doors may not even realize it’s a problem until an IT assessor shows them how easy it is to exploit.
Additionally, an assessor is going to give you real, actionable objectives for moving forward from your assessment. Assessment data is pretty useless if it doesn’t change the way that you run your information technology services, but knowing what to do with the data can be overwhelming. Assessors will use their expertise to help you find the right place to start.
Types of Assessments
First things first: you’ll need to decide which type of assessment you’re looking for. Typically, you can request either a network assessment, security assessment, or both!
Network assessments give you an in-depth overview of your network systems, including storage, workstation health, user accounts, operating systems, vulnerabilities due to obsolete hardware/software, and how the internet is being used.
Security assessments focus mainly on protocols and policies for your network. For example, a security assessment reviews password policies, domain policies, and outbound protocols. In doing so, they are revealing potential “chinks in the armor” of your network. These weak areas, which open the door for cybercriminals to steal your data, can be sealed shut after they are evaluated by a professional assessor.
A great assessment is also going to show you how much risk you are facing. Once you understand the liability you are facing, it’s easy to understand why investing in an assessment is worth it.
Preparing for Your Assessment
When your assessor comes in, it pays off to be well-prepared. A general IT assessment checklist can help you narrow in on some of the broad areas that your hired professional is going to evaluate. Not only does it help you direct the assessor’s attention to acute problems, but it can also help you do an informal evaluation intermittently throughout the year.
While working with a 3rd party is always going to give you more accurate results, knowing common areas where problems arise can help you see issues long before your next assessment date rolls around.
To get you started, here is a basic checklist for the three key areas your assessor is going to evaluate during a combined network/security assessment:
- Assets, including age, serial number, IP addresses, etc.
- Computers and mobile devices
- All other network devices
- Policies and Practices
- What are your password policies?
- What are your email policies?
- What are your confidential document policies?
- What email domain do you use?
- What apps or software applications do you use?
- What vendors do you do business with?
- Who has access to your public/private WiFi networks?
- What physical security options are in place?
- Site Diagrams
- Image of how all network systems and devices are laid out in your building.
- Notes of what devices are mobile and have access to outside networks.
- Visual access to your control center, including data on temperature, power usage, and available storage.
While evaluating these areas, your assessor is going to use a rubric to give you a score, much like a teacher would give you a score on an essay. This rubric allows you to see where you fall on a “safety scale.”
These IT assessments can be helpful in a number of categories to help an organization meet their IT needs, whether that be security, performance, or being able to adapt to the demand for a more mobile workplace.
So no matter what your business objectives, consider a full IT assessment with Verus.
Additionally, our team has over 35 years of experience providing IT coaching and strategic consulting services. From infrastructure, budgeting, and staffing to IT roadmap management, our consultants understand the business side of IT and are uniquely positioned to provide Executive level services, such as a virtual CIO (vCIO), at a fraction of the cost of a full-time CIO.