Information Technology Reference
In-Depth Information
ing services, databases, backup services, network monitoring services, and central-
ised authentication of users.
Network servers have changed the way companies provide services to customers. Most
services today are automated such that there is little interaction between customers
and internal company staff. Take for example, if you are a customer on Amazon, you
would browse the web portal, select a product you want, and make an order. You will
receive your product upon payment within a few days. All this will be done by inter-
acting with a web application running on servers with no or limited interaction with
customer support staff.
Since network servers play such a critical role on our networks, IS auditors are often
called upon to check performance of these servers. Auditors may be required to per-
form the following tests:
1. review that servers are properly configured
2. check that servers are regularly monitored
3. check maintenance of servers
4. test compliance with internal policies and procedures
5. test compliance with server change management
6. test data integrity and access controls
7. ensure server applications and operating systems are up to date
8. ensure security hardening of server operating systems.
f) Modems
There are various types of modems which are used on the network infrastructure. Mo-
dems are normally used to provide connectivity to other networks or systems. For
example digital subscriber line (DSL) modems are used to connect enterprises to In-
ternet service providers or to connect to other office networks, such as a branch of-
fice. Most modems in use today are digital modems unlike a few years ago when we
had analogue modems which were used to provide connectivity.
New developments in connectivity technology have seen the deployment of dongles,
which are used to connect computers to the Internet and office networks through vir-
tual private network (VPN) connections. Phone SIM cards are used on dongles to
connect to service providers, other corporate networks, or the Internet.
Modems and dongles pose a number of security challenges if used on a corporate net-
work. Many times you will find that the use of these dongles has not been authorised
Search WWH ::
Custom Search