|Security Assessment > Policing Your Security Policy|
xiscan - helping with policing
The purpose of a modem security policy is to identify and address the particular risks associated with modem access. Ideally, your policy will forbid ad-hoc connection of modems. But a policy is only a document. It provides no protection in itself. Compliance is the key. And the best chance of ensuring compliance is through a combination of education and policing.
Your security policy may well state that ad-hoc modem connections are not allowed. But how do you know whether the policy is being adhered to? This is where Xiscan can help you. Once loaded with the telephone numbers in your organisation, Xiscan can be configured to dial ranges of numbers at different times during the day. You may have modems within your organisation that you don't know about. They may be "hidden" within equipment for example. Xiscan can act as an inventory tool, locating any modems configured for dial in access. Once these access points have been identified, the requirement for their existence can then be properly justified with reference to the security policy, and a baseline arrived at.
The answer you get today as to where your access points are may well be different tomorrow. Xiscan is designed for repeated automated execution, with the facility to produce concise management reports against the results of previous scans. In this way Xiscan can provide a continual rolling assessment.
One final point to bear in mind. Even if you are confident that your own house is in order, what happens if you grow through acquisition? Can you be certain that the systems of the business you have acquired have been configured and documented with the same diligence? How confident are you about sharing links with other organisations? Even within your own organisation, can you be certain that the rigour which is enforced at head office permeates as far as some of the more remote outposts? Outposts that in all probability have direct network links to head office.
Xiscan allows you to scan all of the numbers in your organisation, irrespective of their physical location. (And that can include locations in other countries too.)
Copyright © 2017 Xiscan® Limited. All Rights Reserved.