After software is released, it is essential to review the system periodically, for the following reasons:
- To check that the system is still running as expected: there is a huge difference between testing with sample data and real-world input from actual users (and abusers)
- To verify that all hardware, infrastructure, and stock software are updated and patched
- To be aware of new vulnerabilities on day "zero", so that they can be mitigated before they are exploited
- To ensure that the firewalls, anti-virus, and anti-malware are all up, running, and patched
- To monitor typical traffic and usage and spot anomalies and potential threats
- To keep the system in tune with changes in technology and protected against the latest hacking techniques and tools
- To ensure that the system is receiving normal and expected traffic, and not traffic from unrelated countries or unusually high volumes, which would indicate a possible DoS or DDoS attack
- To ensure that genuine users can access what they need with ease, with authenticated access and no downtime
- To ensure that data is regularly and securely backed up
- To make decisions on software expansion, changes, updates, and patches
- To ensure that private data is encrypted and secured, at rest and in transit, without data leaks
- To ensure compliance and conformity with HIPAA, SOX, FERPA, PCI-DSS, CIPA, and other laws, Acts, and guidelines (where applicable)
Without a periodic review, the system grows more vulnerable with each passing day, and this can lead to exploits that cause financial losses, loss of reputation, and even lawsuits.