IT Assessments

Comprehensive assessments of the hardware, software and configurations that compose your network
Request a Call

Setting a baseline for cybersecurity assessments

The first step in developing a strategy to safeguard the systems of a business is to analyze the current situation; to do this, we must reach a joint understanding of the “as is” scenario. Management expectations, technologies in use, and other requirements will vary depending on the industry.

What can you expect in a provider of IT network assessments?

Your provider should be able to come up with a recommended plan of assessments specific to your environment. Not all types of assessments are necessary for every industry. Your MSP should have the depth of experience required to perform different types of assessments focused on the overall health of the IT ecosystem, network, virtualization, and security. Your provider should also be well schooled in the latest compliance regulations to enable clients to meet new requirements as they emerge.

We focus on two key areas

R

What are your business objectives and needs over the next three years?

We review your business initiatives and goals and help determine the best technology strategy to mee your objectives.
R

What is the state of your current IT environment?

We determine your “as is” IT environment and begin the process of identifying those changes that must be made to create a best practices environment.

Why should you choose Corserva to assess the state of your IT?

Corserva’s experts bring a wealth of knowledge and experience regarding the specific regulations tied to regulated vertical industries such as financial services and healthcare. With a foundation of these requirements and other vertical industry best practices, we spend time with your management team reviewing specific concerns you may have, above and beyond the basic industry guidelines.

IT network assessments

A Comprehensive Look at your Entire IT Environment with our Assessments

Base Network Assessment

Our Base Assessment provides a complete view of the entire IT environment including all devices that are connected to the network (servers, switches, firewalls, routers, printers, end user devices, etc.). The analysis generates profiles of each device on the network including the hardware components, O/S and patch levels, applications and associated licenses, current antivirus solutions, signature update status, and warranty/support status. In addition, the base analysis identifies open ports that should be closed.

Virtualization Assessment

For companies that have deployed large numbers of virtual servers, or who want to prepare for virtualization projects, this assessment provides the required foundation for planning purposes. For current virtual machines (VMs), the assessment identifies all current configurations as well as VM “sprawl,” which can be created by the constant addition of new VMs without elimination of unused VMs. This assessment provides an accurate view of the workload support required for new or expanded virtual environments.

Cybersecurity Assessment

All companies are concerned about the state of their cybersecurity resilience. And we know that while it is necessary, it is certainly not sufficient to have advanced firewall and endpoint protection in place. We must identify malware as it moves around within your internal network. And, we must identify end user behavior that significantly increases target surface area (vulnerability). The Cybersecurity Assessment places a sniffer in your network for a week to capture traffic moving within your internal network. This data is then analyzed in our Cybersecurity Lab to identify both malicious code moving within your network as well as user actions that serve to increase your risk of attack.

Cybersecurity

Network Penetration Testing

Once issues from the Base Assessment and Cybersecurity Assessment have been addressed, penetration testing can validate assumptions that all data is secure and the network cannot be hacked. Whereas the Base Assessment and Cybersecurity Assessment are analyzing your network and providing resulting to-do lists of areas to address, penetration testing is the act of purposely trying to break into the network or access data. A successful round of internal and external penetration testing will tell you that your network is truly secure. The results of a test penetration will expose any external vulnerabilities and their associated impact, including internet, IP addresses, firewalls, email servers, and web servers.

NIST compliance

NIST Assessment

The National Institute of Standards and Technology (NIST) develops and issues standards, guidelines, and other publications to assist in managing cost effective programs to protect information and information systems of federal agencies. NIST 800-53 provides a catalog of security controls for all US federal information systems except those related to national security.

NIST compliant
About NIST

Manufacturers that provide parts and equipment for suppliers serving federal and local governments must be compliant with the latest NIST 800-171 regulation by the end of 2017. Learn more in the white paper, “What Manufacturers Should Know About NIST 800-171.”

 

Learn more about our NIST assessments

NIST dictates how Controlled Unclassified Information (CUI) is stored and accessed. Learn more in the blog posts:

Corserva offers a specific program to enable manufacturers to become NIST compliant with a NIST assessment. View the solution brief to learn more about Corserva’s program for NIST assessments.

NIST 800-171... Will you be ready?

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

“What Manufacturers Should Know About NIST 800-171”

Download white paper now

HIPAA Assessment

Customized for the healthcare industry, as an extension of the Base Assessment, Corserva can provide an assessment of your HIPAA compliance against HIPAA security rules. Combining the data collected in the Base Assessment, plus on-site physical checks of certain practices and policies, we can provide a HIPAA compliance review report.

The Corserva HIPAA audit includes:

R

Master HIPAA Policy and Procedures document

R

HIPAA Risk Analysis

R

HIPAA Management Plan

R

Evidence of HIPAA Compliance report

PCI DSS Assessment

The Payment Card Industry Data Security Standard (PCI DSS) requires companies that store, process, or transmit credit card information to protect that information to reduce credit card fraud. Corserva’s PCI DSS Assessment checks to see if your company is storing data in a way that meets the requirements of this information standard in the areas of security, data archiving, and accessibility. Methods of all types of data storage are analyzed including onsite, cloud, and remote.

NIST assessments

Is your current security protection truly best practice?