Possessing Detailed Documentation of Your Network

Possessing Detailed Documentation of Your Network

A key requirement of securing your organization s network is maintaining detailed documentation about the physical infrastructure of your network, complete and up-to-date network diagrams, documentation of the configuration of computers, applications, and the audit log. Without this documentation, network administrators might overlook resources that must be secured, and the network will almost certainly be inconsistent in its level of security. Without baseline performance and security information, it is difficult to detect attacks, regardless of whether they are successful. For example, your network might have a direct connection to the Internet that is no longer used but is still connected to a router. Over time, a router s access control list (ACL) can become outdated and can present a significant security risk. This is because the outdated ACL can enable an attacker to compromise your organization s network by using tactics that did not exist when the router was secure and was monitored. Although such situations might seem obscure, they are quite common for organizations that have grown by being acquired by another organization. When consolidating IT resources, you can easily overlook these types of details. Similarly, it often takes such organizations a long time to create detailed documentation on their newly formed networks.