The Egress Filtering Assessment consists of a multipart process to assess the current and newly defined data protection standards for the organization, as well as the access controls, retention, and remediation capabilities that could have an impact.
Identify: SecureState will focus on how the people, processes, technologies, and locations integrate within the business environment. Examples include:
- Individuals who have access into, administer, or shape the business environment
- Processes involved in handling data, administering or monitoring system components and access controls within the environment application development processes, and the processes and policies surrounding the protection of data
- Technologies as they pertain to storage, processing, and transmission of data
- Locations involved in the storage, processing, and transmission of sensitive data including corporate and remote or satellite locations, and data centers, unless deemed out of scope at the time of the assessment.
- Control sets and configurations implemented to protect and monitor critical datasets.
Develop: Securestate will provide a comprehensive analysis of security controls required on a system or network component. It is critical to understand how the overall hardening and protection techniques have been applied and the underlying risks to the datasets that may be associated. SecureState performs both automated and manual assessments to identify potential security threats and misconfigurations. SecureState performs this review by first understanding the overall architecture of the organization, then applying industry best practices and hardening techniques tailored to the pertinent datasets that support the business.
Implement: Once data is identified and verified, it is then initially plotted, analyzed, and correlated for the effectiveness of controls that protect data access. The end result will provide your organization detailed information on, and recommendations for, the following:
- Data locations and types
- Data segmentation requirements
- Data storage, transmission and process hardening
- Systems that store, process or transmit sensitive data, and how sensitive datasets are introduced into the environment
- Access and accountability controls based on roles/need-to-know
- Limiting the damage of a potential data incident, which reduces recovery time, costs, and liability, and helps ensure data controls and segmentation are compliant
SecureState also performs a dataset identification to provide basic detail and a systematic approach to understanding why data exists, its impact, and its value to the organization. The dataset will become a risk inventory that can be implemented to properly allocate funds and resources to defend the key assets, reducing the scope, time, effort, and resources needed to protect what is truly important. Employing a proper data protection and retention scheme is cost effective, and allows a business to focus on protecting its higher risk data assets.