A network security analysis is an examination of the controls within an Information Technology (IT) infrastructure and consists of collecting and evaluating the specific details of an organization's information systems and its operations. The evaluation of these details determines if the information systems are safeguarding assets, maintaining data integrity, and operating effectively and efficiently so that the organization may best acheive its goals and objectives. A network security analysis may be performed in conjunction with a security policy review, regulatory compliance assessment or vulnerability assessment.

Risk Management

Since on-going risk management is essential for any credit union, people, processes and technology must be continuously assessed to evaluate the risk thay pose: People can be evaluated by performing social engineering assessments or by receiving security awareness training; processes can be evaluated by reviewing security policies, regulatory compliance and vendor oversight; and technology can be evaluated by performing routine vulnerability assessments and an annual network security analysis, which is what we focus on here.

ECCT’s On-Site Network Security Analysis provides an in depth assessment and review of the internal network infrastructure, network resources and end points in order to evaluate the credit union's methods of safeguarding assets (member information), maintaining data integrity, and optimizing the internal network performance so that the organization can best achieve its business objectives.

ECCT Network Specialists and Security Engineers analyze, document and report on selected components of the network to assess its overall health. A complete report detailing network strengths and weaknesses is then provided to the credit union. The report also includes customized recommendations to improve security, increase operational efficiency and maintain best business practices.

Scope of Service

ECCT engineers perform on-site assessments of the network infrastructure and configurations of key internal systems in order to gain insight into network integrity, performance and potential vulnerabilities from general concepts to particular device settings and configurations. The credit union's network assessment will be broken down into three areas:

ECCT will review network endpoints, resources and infrastructure as determined by the credit union, in order to evaluate network performance, security configurations and settings. ECCT will review network design and configurations, firmware (IOS) versions, OS patch levels, fault tolerance and local and remote access. ECCT will review any and all access to internal systems by third parties.

Comprehensive Report

ECCT Network Specialists and Security Engineers analyze, document and report findings on all devices reviewed; they will then correlate all collected data, documentation and findings to generate a comprehensive customized report.

Once completed, the customized report will be provided to the credit union. Each device reviewed will be given two ratings, one to address the device's overall security posture, and a second to describe the devices overall network performance.

ECCT engineers will document any and all recommendations to improve the security and/or performance ratings for each device reviewed. These recommendations may include but are not limited to: hardware/software upgrades, device deployment strategies, configuration changes, firmware upgrades, software patches, administrative policy changes, new technologies or any combination of these.In this way, ECCT will guide the credit union towards achieving the best possible business practices relating to IT and security.

Upon delivery of the final report, ECCT will schedule a meeting with the credit union to review the report in its entirety, answer all questions and assist the credit union in taking the next step to address the findings and implementing the required modifications.