Architecture audit
A technical architecture audit to reinforce the security of your IT infrastructure
Purpose of an architecture audit
The aim of an architecture audit is to identify weaknesses or non-compliance with recommended security practices.
An architecture audit is based on a documentary analysis followed by interviews with the people in charge of the design, implementation, administration, supervision and maintenance of the target information system.
In addition, additional analyses can be carried out on network configuration samples (e.g. switches, firewalls, security cloud groups, etc.) to complete the audit.
Benefits expected from a technical architecture audit
The benefits of an architecture audit include :
- Identification of potential risks within the audited perimeter;
- An action plan including recommended remedies in the specific context of the target system;
- Enhanced data protection;
- Optimizing IT resources;
- Verify the security of your architecture to prevent future incidents.
As Synetis is a PASSI-qualified company, the architecture audit can be carried out under this qualification as defined by ANSSI. This applies, for example, to the audit of a Restricted Diffusion network or a SecNumCloud qualification.
Architecture audit methodology
During an architecture audit, the following aspects in particular are checked (non-exhaustive list):
- Perimeter defense ;
- Defense in depth ;
- Partitioning ;
- Breaking protocol;
- Flow management ;
- MCO/MCS, backup and logging policies ;
- Disaster recovery plan ;
- …
The methodology used by Synetis is based on the various technical guides and recommendations issued by ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information). At every point of the infrastructure, Synetis auditors focus their attention on the coverage of Information Systems Security (ISS) requirements, i.e. : Availability, Integrity, Confidentiality and Traceability.
Any operational constraints and business needs in the application of these guides and their associated recommendations are taken into account by Synetis auditors.
Literature review
This part of the audit consists of comparing your documentation with the selected standards. The audit team uses the various mappings provided to analyze your security:
- Mapping information system administration ;
- Logical network mapping ;
- Application mapping ;
- Physical mapping of the network.
Interviews with teams
Carrying out an audit also requires discussions around the business context of the audited perimeter and questions to clarify the auditors’ and teams’ understanding of the documentation received.
Additional questions can also be asked on less technical aspects.
Some examples of architecture audit results
The following are some illustrative results from our IS architecture audit work:
- Unsatisfactory partitioning (risk of lateral displacement) ;
- Lack of separation between critical services ;
- Little or no filtering of incoming and/or outgoing flows;
- No nomadic access control ;
- No system hardening ;
- No maintenance policy procedures ;
- No centralization and/or supervision of logs ;
- Exposure of internal cloud services to the Internet.
An architecture audit is an essential investment for any company wishing to verify and improve the security of its infrastructure. By identifying and correcting vulnerabilities, you can considerably reduce the risk of incidents, while improving the performance of your IT department.
Contact our Synetis experts for more information about architecture audits to improve your cybersecurity!