So you are following industry best practices and are patching your systems. But how do you know that they are, in fact, fully patched and secured?
Would you know if one of your employees installed a rogue wireless access point somewhere on your LAN?
Would you know if any of your employees were using P2P-type applications on your network and using your file server to share out data?
Are you inadvertently granting access to file systems that you thought were restricted?
Is your firewall configured properly? Have you had it verified recently?
These are but a few problems that we have found when auditing networks. It could well be that your network is perfectly secured but if you don’t perform an audit, how will you know for sure?
