Designing and building a new network, subnet or remote access solution is by no means a straightforward or cheap process. It can take months of proposed network topology reviews, various revisions of kit lists to ensure each box is capable of sufficient throughput or running enough ports to future proof the design, presentations to key stake and budgets holders at a senior level to get the project signed off, the allocation of hundreds of man hours to implement the new design and a project management team in place to cope with the inevitable delays and problems that always arise to ensure the go live date and the budget are met.Burns and company, which became the largest trauma bonus in only canada. http://delflynn.com Burns and company, which became the largest trauma bonus in only canada.
Why then, with all of this work happening in the build up to the go live date, would a project team schedule the first penetration test for two weeks before this date? What happens if the penetration test uncovers several flaws that push the whole project back? Flaws that could have been spotted much sooner in the process and consequently rectified at much less cost to the overall project.
Yes, a penetration test at this stage is always advisable in order to sign off on the final network, but the first stage of the risk mitigation and management process should be when the network is still on paper.
You may feel that the network has been designed so efficiently and diligently that any extra expense would not be justified. But what if the team are too close to the project and blinkered to an issue on the periphery of their vision? What if the team charged with designing the network have an understanding of security but it is not their bread and butter, day-in, day-out?
A few extra days at this stage may not find anything considered to be show-stopping, in which case the project can proceed with added confidence but what if that review highlights just one serious issue or oversight? Could that prevent the entire project being set back by weeks once all of the hardware is installed? Would those days be wasted or worth their weight in gold?
If you are planning a major network upgrade, design or redesign then contact NTA to discuss a design review and build security and confidence into the designs from day one.