Professional Documents
Culture Documents
DMD Advocates - Security Audit: (Pick The Date)
DMD Advocates - Security Audit: (Pick The Date)
Solution Design
DMD Advocates is located in Nizamuddin East, They are hosting their data on file server hosted in their
own environment, Else a Firm “Cyber space” is taking care of other infrastructure like Firewall, Mailing
Server, and Endpoint solutions. This report provides the system’s stakeholders with an assessment of the
adequacy of the management, operational, and technical controls used to protect the confidentiality,
integrity, and availability of the system and the data it stores, transmits or processes .
a) Client is having all its important data in a file server, hosted in their own environment.
b) All data is commonly available to all users, users can have access to data of other users as
well,
c) Cyberoam endpoint solution is taking care of complete endpoint security, which is hosted
on remote side with cyber space.
d) Cyberoam client is installed on all desktops & laptops, which blocks access to USB devices
and installation of any other programs.
e) Email alerts are configured, for every attempt to connect of USB devices.
f) Client is having 42 total numbers of users, working with endpoint solution.
g) Some management users are having full access from endpoint security solution.
h) File server is having unrestricted access & allowed for pen drives,
i) “Watch Guard” firewall is being used for web filtering, port blocking & logging.
j) Only senior management people are having access to VPN access to file server from
outside, else are allowed to connect only within the office.
k) Currently users are allowed to send emails only in their own domain.
l) MacAfee mail security is being used to filter & block emails, hosted on remote side
m) Some management people are having full access to send & receive emails to anywhere
n) Logging of emails is done by MS exchange server, which only records sender & receiver
details.
o) Some users are enabled for archiving emails via mail security solution; their emails are
stored with attachments.
p) Mobile & PDA devices can access emails from anywhere, which is not under control right
now.
q) “Atempto Live Backup” utility is being used for live backup of systems & file server, in case
of data loss, data can be retrieved.