9 Reasons to Conduct a Network Assessment *Before* You Regret Not Doing It
by Travis Richards, Director of Consulting Services, cStor
Do you really know every single thing about your company’s network? Do you truly understand its strengths and vulnerabilities? What about sources of interference, problem, potential issues with outages and design limitations that could hinder your company’s next aggressive growth plans? Could you pass a pop quiz on it now?
If that last question truly makes you cringe, maybe it’s time to have an expert 3rd party conduct a comprehensive assessment of your network. Not only will it answer all of those nagging questions and many more, it will layout a plan for future success and risk mitigation before issues occur. With the reality of today’s risks (both internal and external), dynamic network growth, and the ever changing landscape, having a clear handle on your network is no longer a ‘nice to have,’ it’s a mission-critical ‘must have.’ Not to be melodramatic, but network vulnerabilities and issues and outages can topple a company… fast.
So, here are nine great reasons you should consider conducting a complete network assessment sooner versus later, before you regret not doing it or encounter a problem that could impact your company.
- Understand the full capabilities and pitfalls of your network. Know thy enemy, and by ‘enemy,’ I mean not only vulnerabilities, but limitations and network design issues that may hold you back. An assessment will assist in identifying capabilities, pitfalls and issues, and determine if your network is in line with the strategic direction of your company. Of course, knowing the pitfalls not only helps for the future, but also can head off both small and big problems before they ever openly rear their proverbial heads. It will help create a roadmap to success.
- Locate and develop a plan of attack to resolve bottlenecks causing problems. Different types of bottlenecks can impact network performance, along with other issues including design issues, hardware and software bugs, misconfigurations, and overloaded network equipment. A professional network assessment will clearly map out and identify bottlenecks so you can improve performance and resolve issues before they become outages.
- Reduce operating risk and validate redundancy. It’s entirely possible you have redundancies in your infrastructure that are not configured correctly and may not work as designed in a critical outage event. Sometimes external experts are better able to ‘see the forest through the trees’ on such redundancies, as well as make sound recommendations on configuration to minimize the impact on day-to-day operations.
- Align network architecture with your current security requirements. This assumes you have a current security plan in place; so if not, start there first. If your security plan is even one or two years old, trust me, it needs updating. Once that’s resolved, your network assessment partner can ensure your infrastructure aligns and supports all of your security goals, and even compliance needs for certain heavily regulated industries.
- Identify and create a plan to sunset and/or replace equipment that’s near the end of its lifecycle. You should have an accurate list of hardware on your network that is slowing performance down, out of support, or causing critical security gaps due to its age. This portion of an assessment will also help you find what needs to be updated or replaced and give you a roadmap to budget its refresh. Remember that old hardware doesn’t have the potential to just cause performance issues and outage risks, it often has serious security vulnerabilities that you more than likely cannot afford to deal with in the event of a data breach.
- Identify network security issues and vulnerabilities that may put you at risk. Your network assessment partner should be able to review your current network technologies and infrastructure to identify potential security risks due to configuration, hardware or software bugs, and out-of-date equipment. This gives you a sound plan to take to management and works towards reducing your security risk by fixing issues before a security incident.
- Create a baseline for ‘normal, optimized’ network performance. Sure, there are plenty of network monitoring solutions out there, but they won’t be effective unless you know definitively what you’re measuring them against. A third party assessment will help you establish that baseline for normal, optimized performance based on your company’s unique business, data, user, security and compliance requirements. Don’t ask your partner for ‘industry averages’ here, it’s all going to be unique to your firm. Once you have the baseline and a monitoring solution in place, you can set thresholds with alerts to signal when potential problems are approaching or a security breach is imminent (or in progress).
- Have a complete, accurate inventory and design of your network. I’m often quite surprised by how many companies don’t really have an accurate inventory or design of their network. Having an accurate inventory and network design helps you plan for the future, troubleshoot issues more effectively, update and patch hardware and software, and identify potential impacts of future changes in the environment. It also helps to plan and budget for hardware refresh cycles to mitigate issues, outages and security risks.
- Finally, get complete documentation of your entire infrastructure. Once your assessment is complete, you’ll have a fully documented record of your entire network in a written report. The report will contain everything you need to address issues with your network administrator, including a plan for resolving problems and proactively planning for the future with management. Now, you have a third party that has validated current state and created a clear plan with priorities so you can budget, plan for upgrades, updates, training and future growth initiatives.
If You Remember Anything …
Even if you only really care about two or three of these points, hopefully you can see clearly why conducting an independent, expert network assessment should really be mission critical, and neglecting this step in the interest of cost or time can pose more risk than you should be willing to accept.
If you’re evaluating potential partners, don’t hesitate to ask them for sample reports from other assessments. They should be open, transparent and fully capable of providing ‘sanitized’ reports you can review. They should also be able to communicate the anticipated timeline, fees and what kind of action plan will come from it.
So what are you waiting for?
For more information on getting an expert network assessment, don’t hesitate to drop me an email at firstname.lastname@example.org.