In order to be effective, you must know what you are trying to protect. Further, you can reuse your financial audit information to help accomplish this.
Download a local copy of this spreadsheet to get started.
Inventory all the things
- Authorized and unauthorized devices
- Anything with an IP address
- Authorized and unauthorized software
- Be able to account for all running processes.
- Inventory of information types and location
- Know where your data is and moves around to.
Devices
- Login to your switch or router and look at DHCP and ARP entries
- Look at your
netstat
output - Run
nmap
on your local network
Software
Image Credit: No Idea