Network audit checklist
A network security audit checklist is used to proactively assess the security and integrity of organizational networks. IT managers and network security teams can use this digitized checklist to help uncover threats by checking the following items: firewall, computers and network devices, user accounts, malware, software, and other network security controls.
What does this form include?
This form contains 12 sections:
Firewall
- The organisation should have a firewall or equivalent in place to protect their internal network and devices against unauthorised access
- The password on the firewall device should be changed from the default to an alternative strong password
The firewall password is:
IMPORTANT: All computers and devices on the network must comply with the following in order to give a
Computers and Network Devices (including Wireless Access Points and Routers)
- All unnecessary user accounts, guest or admin accounts should be removed or disabled
All user account passwords meet the following requirements:
User Accounts
- All users accounts and their privileges should be subject to an approval process and should be documented
- Admin privileges and any other special access privileges should be restricted to authorised individuals and documented
- Admin accounts should only be used to perform admin tasks and not for everyday access
- Admin accounts should be set to require a password change every 60 days or less
- Every individual user should have a unique user name and user account
Every user password should meet the following requirements:
Malware Protection
- Malware protection software is to be installed on all computers that can access the internet or are capable of accessing the internet
- Malware protection software is to be kept up to date daily
- Malware protection software should be configured to scan files automatically upon access and to scan web pages when being accessed via a web browser
- Malware protection software should be configured to perform regular scans of all files
- Malware protection software should prevent connections to malicious websites on the internet (e.g. by using website blacklisting).
Software Patch Management
- Software on any devices that are connected to or are capable of connecting to the internet must be licensed and supported to ensure vulnerabilities are investigated and patches made available.
- All software updates and security patches that are made available should be installed in a timely manner
- Any unsupported software should be removed from any computer or device capable of connecting to the internet
Others
- Wi-Fi Protected Setup (WPS) to be disabled on all wireless devices
- Universal Plug and Play (UPnP) to be disabled
- Guest WiFi access to be implemented for visitors and employee owned devices
- Employee-owned devices that can access company email or information will require malware protection software
- All network servers must have a daily automated backup solution with backup data stored securely offsite (encrypted)
- Encryption of all sensitive data stored on mobile devices and removable storage devices
- Do not allow staff to use file sharing or cloud storage services such as Dropbox, OneDrive, Google Drive or iCloud for company data, unless they are authorised by and secured for your organisation.
- Staff should not be permitted to use personal social media accounts on organisation-owned devices or on any devices connected to the network unless specifically authorised to do so.
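One way to turn the concrete items above (default firewall password, leftover accounts, 60-day admin password age, daily malware definition updates, unsupported software, WPS and UPnP) into an automated pass/fail evaluation over a device inventory record, as an added example that is not part of the original template; the record field names and the sample values are assumptions constructed for this example.

```python
from datetime import date

# Constructed sample inventory record; the field names are assumptions
# made for this example, not fields from the checklist template itself.
SAMPLE_DEVICE = {
    "hostname": "office-router-01",
    "firewall_password_is_default": False,
    "wps_enabled": True,
    "upnp_enabled": False,
    "admin_max_password_age_days": 90,
    "unnecessary_accounts_enabled": ["guest"],
    "malware_protection_installed": True,
    "malware_definitions_updated": "2024-06-01",
    "unsupported_software": ["Adobe Flash Player"],
}


def audit_device(device, today):
    """Return (section, finding) pairs for every checklist item the record fails."""
    if isinstance(today, str):          # accept an ISO date string or a date object
        today = date.fromisoformat(today)
    findings = []
    # Firewall: the default password must have been changed
    if device.get("firewall_password_is_default", True):
        findings.append(("Firewall", "firewall still uses its default password"))
    # Computers and Network Devices: no guest/unnecessary accounts left enabled
    accounts = device.get("unnecessary_accounts_enabled", [])
    if accounts:
        findings.append(("Computers and Network Devices",
                         "unnecessary accounts enabled: " + ", ".join(accounts)))
    # User Accounts: admin passwords expire every 60 days or less (0/None = never)
    max_age = device.get("admin_max_password_age_days")
    if not max_age or max_age > 60:
        findings.append(("User Accounts", f"admin password max age is {max_age}, limit is 60 days"))
    # Malware Protection: installed, with definitions updated daily
    if not device.get("malware_protection_installed"):
        findings.append(("Malware Protection", "no malware protection installed"))
    else:
        updated = date.fromisoformat(device["malware_definitions_updated"])
        if (today - updated).days > 1:
            findings.append(("Malware Protection", f"definitions last updated {updated}, not daily"))
    # Software Patch Management: unsupported software must be removed
    for name in device.get("unsupported_software", []):
        findings.append(("Software Patch Management", f"unsupported software present: {name}"))
    # Others: WPS and UPnP must be disabled
    if device.get("wps_enabled"):
        findings.append(("Others", "WPS is enabled"))
    if device.get("upnp_enabled"):
        findings.append(("Others", "UPnP is enabled"))
    return findings
```

Running `audit_device(SAMPLE_DEVICE, "2024-06-03")` on the sample record yields five findings, one per failed section.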
Recommendations
Name and Signature