Compute
How many physical servers do you have?
Compute
What is the average age of your physical servers?
Compute
What Operating Systems are you using?
Compute
Are all of your production operating systems current and supported versions?
Compute
Do you have a regular maintenance schedule for your servers?
Compute
Are your servers virtualized?
Storage
If utilizing a SAN solution, do you leverage snapshot capabilities?
Does your storage solution utilize multipathing or other redundant connection methodologies?
Storage
Does your storage solution replicate to an alternate site or cloud storage?
Backup and Disaster Recovery
How often do you backup your data?
Backup and Disaster Recovery
Do you have a disaster recovery plan in place?
Backup and Disaster Recovery
How often do you test your backups?
Backup and Disaster Recovery
How often do you test your disaster recovery plan?
Networking
What is the age of your networking equipment (routers, switches, firewalls, etc.)?
Networking
How often do you update your network security protocols / device firmware?
Networking
How many wireless access points do you have?
Networking
Do you have centralized management systems for your wireless network?
Networking
How often do you update your wireless security protocols / device firmware?
Which cloud services do you use?
Cloud Infrastructure
Do you have a multi-cloud strategy?
Cloud Infrastructure
How often do you review and optimize your cloud usage?
Security
Do you monitor your environment for security threats?
Do you leverage Secure Access Service Bridge (SASE) Solutions?
Security
Which Firewall vendor / edge security provider do you have in place?
Security
Do you encrypt sensitive data at rest and in transit on servers and workstations?
Security
Are mobile devices protected with encryption and endpoint protection?
Security
Do you currently have a MDM solution in place?
Security
Does the organization have a formal vulnerability management and software patching solution?
Security
Is a formal cyber incident response plan in place and tested periodically?
Security
Does the organization utilize Multifactor Authentication for email?
Security
Does the organization utilize Multifactor Authentication for network access, system access and remote connectivity?
Security
Does the organization accept payment card transactions?
Security
Is the organization PCI compliant?
Security
Does the organization deal with protected health information as defined by HIPAA?
Security
Does the organization have operations or customers in California, or any responsibilities under the California Confidentiality of Medical Information Act?
How strongly do you agree or disagree with the following statements around your core infrastructure?
Success! Your IT Assessment Is Complete!
