Enhancing Network Security
The Internet is made up of tens of thousands of interconnected network devices. Network security is essential in today's environment because an organization's data could be accessible from any computer in the world.
Considering today's cyber security risks, strong network security practices are essential and critical to secure the organization's data and IT infrastructure. There are numerous network devices used by any organization. Configuration settings of these devices are very technical, and identifying security opportunities is an uphill task for auditors and management alike. Network security is measured based on the weakest point in the network. A network device with weak security settings can put the entire organization's IT infrastructure at risk. This presentation will give an overview of top key areas to audit network security, and will introduce attendees to network security risks, ideas to benchmark against best practices, and common network security requirements.
Speaker: Ashish Jain, Director of Internal Audit at University System of New Hampshire
As the Director of Internal Audit, Ashish Jain is responsible for developing, organizing and directing the University System's Internal Audit plan. He manages financial, operational, information technology and compliance audits to determine the adequacy of the systems of internal control and the degree of compliance with these controls. The Director of Internal Audit is also charged with conducting special investigations as requested, and making recommendations for improved controls, operating procedures, and systems designs.
Prior to joining University System of New Hampshire in April 2016, he worked in the Internal Audit departments at Boston College and MIT. He holds a Master of Science in Accountancy from Bentley University. Ashish maintains professional certifications as a Certified Public Accountant in Massachusetts, a Certified Internal Auditor, and a Certified Information Systems Auditor. He holds a certification as ACL™ Certified Data Analyst (ACDA).
Upon completion of this program participants will be able to:
1. Identify key risk areas for a network security audit.
2. Locate resources for common security practices and/or device settings.
3. Plan and perform a basic network security audit.
Materials: