Link to home
Create AccountLog in
Avatar of jbaird123
jbaird123

asked on

Is it possible to perform a network assessment from offsite?

I would like to have someone to perform a network security assessment from offsite and I am wondering whether this is even possible.  If so, what are the limitations?  I really want to avoid having someone physically come out to my location to perform the analysis if possible.

Specifically, I am interested in having someone assess three areas:

1. External Security - How easy is it for someone from offsite to hack in to our network?
2. Internal Security - Are sensitive data and secure servers being properly protected from unauthorized internal users?
3. Web content security - Blocking malicious or offensive websites from being accessed by internal users, and monitoring user's online activities.

So my main question is how feasible is this sort of thing for an offsite consultant?  Is it even realistic to expect someone to be able to perform these functions without a physical visit to my location?  I would like to know what I am giving up by not allowing someone onsite.  What is still possible from a remote site?
ASKER CERTIFIED SOLUTION
Avatar of LesterClayton
LesterClayton
Flag of Norway image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Avatar of jbaird123
jbaird123

ASKER

LesterClayton:

Can you expand on your second paragraph above?  Specifically, I am interested in finding out the details of what he will NOT be able to do on a TeamViewer session.  Can you give some examples?

Thanks.
Unfortunately I cannot give any examples, however, many companies which do network threat detection use their own custom built applications which have a set number of test that it can do.  These pieces of software are the "bread and butter" of what they do, so they are not going to install it on a remote machine, which can be potentially re-used without their consent.

If for example you need a forensic investigation done of a particular machine, you would either have somebody come in to do it, or you'd have to send the hardware to the company to do it.  They wouldn't give you the software tools they use to perform the forensic analysis.

In a nutshell, they're not going to give you the opportunity to take customers away from them :)
LesterClayton:

Maybe it is possible to list some of the "standard" tests that could be done through a TeamViewer session?  If I can at least gain an understanding of the sort of tests that could be performed with this setup, that may be sufficient.  A few things come to mind:  1) Can we verify that "server x" is secured from unauthorized access because it stores sensitive data?  2) We allow users to access the Internet via their own personal laptops and WiFi.  Can we monitor the Internet activity on these PCs?  3) What other sorts of tests would one normally expect to have done?

Thanks.
SOLUTION
Avatar of madunix
madunix

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.