This stage includes a close inspection of the following elements and mechanisms, covering both an evaluation of whether each is necessary and an examination of its configuration parameters:
a. Analysis of the business logic: Integration of information security in the system; Protection of sensitive data and modules.
b. Encryption tools integration: Mapping the sensitive information, and the appropriate encryption level and mechanism.
c. Authentication mechanisms integration: The authorization levels, system users, and the authentication mechanisms used.
d. Application proxy/firewall implementation: Checking whether one is needed and, if present, how it is implemented, according to the system's characteristics.
e. Bastion/hardware switching (denial of direct connection to the Internet): Checking whether it is needed and, if present, how it is implemented, according to the system's characteristics.
f. Protection against ‘Trojan Horses’: The system's resistance to attacks on the servers using ‘Trojan Horses’, malicious applets, etc.
g. Network segmentation: The current segmentation between critical system elements, in order to create both physical and logical compartmentalization.
h. Intrusion detection tools integration: Evaluating the necessity of intrusion detection systems. If such systems are integrated, checking their implementation and operating parameters.
Once your company has remediated the reported breaches, an additional quick scan must be carried out to make sure these breaches have been completely repaired. Deviations from the original release and network set-up will also be covered. This scan can take place off-site if the required information and accounts are provided.
The deliverable of this stage is a report (not necessarily comprehensive) of findings and breaches, including a list of initial recommendations for dealing with these threats.