Forensics Readiness Plan
ProCheckUp can help organisations prepare themselves better in anticipation of an attack by providing assistance and guidance in the following areas:
- - Creation of a robust business continuity and disaster recovery plan
- - Recommendations on detection and preventative controls
- - Identification of critical IT assets and business data
- - Conducting risk analysis
- - Security-related information dissemination
- - Education and training to raise awareness
The effective preservation of data is now a pre-requisite for investigations, where data has been compromised or is required for review as part of any type of litigation or regulatory enquiry. Failure to act swiftly and preserve data could be costly. Having a forensics readiness plan in place allows for prompt effective action which will help to reduce litigation, minimise business disruption and limit any regulatory investigation.
Network & Host Monitoring Design
Efficient system monitoring, design, and implementation is imperative to ensure that all activities on the network are securely logged for analysis in case of any potential system compromise. Without robust monitoring and data collection, it will be difficult for investigations of an incident to be carried out. Attempting to gather detailed information from affected systems after an incident has occurred wastes precious time and resources that should be spent responding to, and recovering from, the effects of an incident.
ProCheckUp will analyse your network diagram and help determine the best implementation for system monitoring across the network. This would typically involve providing assistance and guidance around the following areas:
- - Placement of sensors around network boundaries and critical hosts
- - Choosing the right data type to capture - full packet, packet string, or session data
- - Placement of network and host intrusion detection systems
- - Configuration of operating system, web server and database server logs
- - Log retention and backup
Once the network and host monitoring implementations have been put into place, ProCheckUp can help test them to ensure that they successfully capture network activities as intended.