|The business goals of this rather unique audit is to find unauthorized, unsanctioned, surprise services running on the enterprise network, which may attract liability. By virtue of the fact that these services are surprises, they are not usually found by security staff. These surprises include:
- Unidentifiable services, which the auditor can only find for the client to then identify.
- Infractions of web surfing, including accessing sites displaying pornography, which may attract legal recourse.
- Misuse of existing services, such as sending email containing restricted data to previous employees.
- Unsanctioned by identifiable protocols being run by employees.
- Inappropriate but identifiable services being run by employees, such as instant mail.
- Trending of unauthorized services run by employees, by time, by location, by subject, etc.
- Potential intrusions or attacks on the enterprise network.
- Potential instances of information theft. user traffic patterns, to highlight anomalous traffic patterns, unusually high volumes potentially initiated by worm / Trojan / virus infection.
Key Report Features
The report consists of our written comments and interpretations of our observations, backed up by 21 standard and 7 graphs and charts depicting summaries of the raw data. An executive summary describes all the key observations, and the detailed analysis for IT technical staff.
Only IP addresses of servers, workstations, and Internet addresses are identified. User names are not identified, but customers may derive user names from the IP addresses we provide. We also do not show content of browsing sessions. When email content is requested as part of an optional report on finding specific phrases, only the emails containing those phrases are retained.