Why is a periodic system review beneficial to security?


After a software release, it is essential to periodically review the system for the following reasons:

  • To check that the system is still running as expected – there is a huge difference between testing with sample data and real-world input from actual users (and abusers)
  • To verify that all hardware, infrastructure, and stock software are updated and patched
  • To be aware of new vulnerabilities on day “zero” – so that they can be mitigated before they are exploited and attacked
  • To ensure that firewalls, anti-virus, and anti-malware are all up, running, and patched
  • To monitor typical traffic and usage and spot anomalies and potential threats
  • To keep the system in tune with changes in technology and protected against the latest hacking techniques and tools
  • To ensure that the system is receiving normal and expected traffic, not traffic from unrelated countries or unusually high volumes of traffic – which would indicate a possible DoS or DDoS attack
  • To ensure that genuine users can access what they need with ease, authenticated access, and no downtime
  • To ensure that data is regularly and securely backed up
  • To make decisions on software expansion, changes, updates, and patches
  • To ensure that private data is encrypted and secured, at rest and in transit, without data leaks
  • To ensure compliance and conformity with HIPAA, SOX, FERPA, PCI-DSS, CIPA and other laws, Acts, and Guidelines (where applicable)
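The traffic-monitoring points above (spotting anomalies, and noticing unusually high request volumes that may indicate a DoS or DDoS attack) can be turned into a simple periodic check. The following is an added example, not code from the original answer: it builds a constructed, synthetic access log, counts requests per one-minute window, compares each window against the median of the others, and reports the busiest source in any flagged window. The log line format and the `factor` threshold are assumptions for the illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta
import statistics

# Constructed sample access-log lines ("<ISO timestamp> <source IP> <method> <path>"):
# four quiet minutes of ordinary traffic, then one minute in which a single source
# sends a burst. Synthetic data built here, not a captured log.
_BASE = datetime(2024, 5, 1, 10, 0, 0)
SAMPLE_LOG = []
for minute in range(4):
    for i, ip in enumerate(("203.0.113.10", "203.0.113.11")):
        ts = _BASE + timedelta(minutes=minute, seconds=5 + 30 * i)
        SAMPLE_LOG.append(f"{ts.isoformat()} {ip} GET /home")
for sec in range(40):
    ts = _BASE + timedelta(minutes=4, seconds=sec)
    SAMPLE_LOG.append(f"{ts.isoformat()} 198.51.100.7 GET /login")
SAMPLE_LOG.append(f"{(_BASE + timedelta(minutes=4, seconds=50)).isoformat()} 203.0.113.10 GET /home")

def bucket_requests(lines):
    """Count requests per one-minute window and per (window, source IP)."""
    per_window = Counter()
    per_window_ip = defaultdict(Counter)
    for line in lines:
        ts_text, ip, _method, _path = line.split(maxsplit=3)
        window = datetime.fromisoformat(ts_text).replace(second=0, microsecond=0)
        per_window[window] += 1
        per_window_ip[window][ip] += 1
    return per_window, per_window_ip

def find_volume_anomalies(lines, factor=3.0):
    """Flag windows whose request count exceeds `factor` times the median count of
    the other windows, and report the busiest source in each flagged window.
    The median baseline keeps the burst itself from inflating the threshold."""
    per_window, per_window_ip = bucket_requests(lines)
    anomalies = []
    for window, count in sorted(per_window.items()):
        others = [c for w, c in per_window.items() if w != window]
        baseline = statistics.median(others) if others else count
        if count > factor * baseline:
            top_ip, top_count = per_window_ip[window].most_common(1)[0]
            anomalies.append({"window_start": window.isoformat(), "requests": count,
                              "baseline": baseline, "top_source": top_ip,
                              "top_source_share": top_count / count})
    return anomalies

if __name__ == "__main__":
    for a in find_volume_anomalies(SAMPLE_LOG):
        print(a)
```

A flagged window dominated by one source points at a single-origin flood that a firewall rule can absorb, whereas the same volume spread thinly across many sources (a low `top_source_share`) is the DDoS pattern that needs upstream filtering or rate limiting.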

Without a periodic review, the system grows more vulnerable with each passing day, and this can lead to exploits that cause financial losses, loss of reputation, and even lawsuits.