Network and Security Assessment

Establish your baseline and learn which components aren’t working together. A health assessment of your computer network and business technology will identify vulnerabilities that could put you at risk of a business interruption.

When you engage Daugherty Technology Consultants to provide a health assessment of your computer network and business technology, we will meet with your team to fully understand the demands on your technology infrastructure. Some network and security issues are universal and can be templated. But most small business have unique network setups and security concerns that require a custom, individual approach.

We can also provide additional assessments specifically designed for HIPPA and PCI compliance and the health of SQL and Exchange servers.

Have a question about your small business network, or unsure your security measures are adequate? Contact us now.

From the field: The value of network assessments

Bob Daugherty shares insights from three decades as a trusted I.T. professional

As with most industries, CPAs have their own experts in technology. My previous firm hired one to review our technology… twice.
It started when the firm’s executive team hired a consultant for outside verification of their I.T. systems. I received a questionnaire and spreadsheet from this consultant as his tool for gathering information about our technology. I completed the forms and sent them off. Weeks later, he arrived to interview the partner group and me to collect more information. When his report came. I was pleased to see he recommended all the changes I had been asking for but couldn’t get approval or funding.

At least partly because the firm had paid $10,000 plus travel expenses in consultation fees, they considered this advice worth taking. I thought this reasoning odd, especially when the findings relied completely on the information I had provided. The well-paid consultant never even investigated the server room or gathered any of his own information from the network.

As the individual in charge of the company’s I.T., I was glad to be getting approval for my projects, even if the process seemed inefficient. I continued to make requests and to develop a strategic I.T. vision that was constantly underfunded so, when the firm asked the consultant back a second time a few years later, I was again happy with the new report that again backed up my requests.

If probably seems I’m disparaging the benefit of outside consultation. But, done correctly, the process has improved immensely. When Daugherty Technology Consulting analyzes a small business’s network, the investigation process is much less costly, and it doesn’t rely on I.T. staff completing questionnaires.

The final project I did before leaving the CPA firm was to have a technology assessment run on our system. I knew the firm’s infrastructure well and was confident of what an assessment would find. The third-party assessment process involved obtaining scans of the network and every device connected. The information found during the assessment was amazing. A few even surprised me, and I wished then that I had the tools and resources to assess the network and all of its components. It was a great example of how even a skilled I.T. professional with the best intentions can unwittingly leave potential problems unresolved.

So, what did that assessment uncover that surprised me? We were a staff of three, and all diligent about our tasks. The assessment report, however, showed nine users on the system whose passwords were set to never expire. This was not only against our firm’s policies (which I had written), it was a significant security risk. And most of these nine people had elevated access to data on the network. Some digging identified how the situation had occurred: At some previous point, these users had needed assistance in changing their passwords. My department had set the passwords with a “never expire” setting. The nine individuals were partners, and my I.T. team always tried to make things easy for them when we could. Unfortunately, we never went back to reset the settings to comply with the firm’s password policy.

Even when you’re trying your best, things slip through the cracks. As I packed up my office to leave on my final day, my last act was to put the assessment report center stage on the desk of the replacement I.T. director.

Read more of Bob Daugherty’s thought leadership in the Daugherty Technology Consulting blog.