Michael J. Martin of Search Security.com writes:

For many people, the idea of auditing anything is about as much fun as a root canal. In today’s world of never-ending security alerts, we all know we should be conducting security audits, but we don’t. I suspect there are a few reasons for this. The first one has to do with knowledge. Many network administrators have no background in systems or security. So while many would like to conduct an audit, for them the devil is in the details, which they are missing.

There are a number of great tools out there, such as Nessus and NMAP, not to mention all of the data that can be plucked off routers, switches and servers, which can help a great deal. Collecting and using this data is a double-edged sword, however. First, you need to have some understanding of the how to use the data; collecting for collecting sake is a waste of time. The other, more deadly, edge is that collecting this data can destabilize your network and crash systems. Care needs to be taken when using auditing tools. Running effective audits requires a documented, carefully planned methodology. Failing to develop a plan will put your network environment at risk and provide very little in terms of useful data.

That leads us to the second reason administrators resist auditing…

[Continue reading Why You Need A Network Services Audit]