― Projects
ClientLarge holding. TaskThe objective of the audit was to get the information and consulting services for a comprehensive audit of the IT infrastructure, IT systems, and information security systems of the organization. The management of a holding wanted to assess the current state and get the recommendations for the development of IT infrastructure to improve security, get the recommendations on fixing the malfunctions, optimization, and security.
Audit methods and steps● interviews with company specialists;
● analysis and research;
● collection and comparison of data with different systems;
● assessment of the state of information security;
● assessment of critical elements of the IT infrastructure;
● development of recommendations, preparation of a report.
SolutionDuring the audit, an assessment and analysis of the overall architecture of IT services were conducted by our specialists. We have provided the recommendations for the proper functioning of architecture, network, server, and virtual infrastructure, operating system. ESKA’s specialists have also analyzed the disk arrays, data storage systems. We’ve also made a risk assessment, and a security and vulnerability analysis.
To achieve the set goals, the audit provides for the following activities:
1. Development of inspections schedule.
2. Audit of network infrastructure (switches, routers Juniper, HP).
3. Audit of computer infrastructure (physical servers and Fujitsu systems, HP storage systems, Supermicro and Fujitsu, NetApp).
4. Audit of virtualization infrastructure (HyperVisor Vmware).
5. Audit of the infrastructure of network services (DHCP, DNS, NTP, Syslog, SNMP, etc.).
6. Audit of IT systems (sites, portals, etc.).
7. Testing the security (external/internal) of the company's information systems.
Based on the results of the audit, the customer was provided with general conclusions, an audit report, and recommendations.