Best Practices for LAN Domain Compliance

When auditing network infrastructure, start with the basics of physical topography and understanding the business support requirements. That will help you put an audit finding in the proper perspective. Once complete then align that understanding with LAN policy to contrast the organization’s expectations with actual network deployments.

While planning should be broad, the actual network audit should be narrow and focus on specific risks. Network auditing is a marathon, not a spirit. ­Multiple ­network audits over time will provide a holistic view of the LAN. Most good 
size networks are far too complex with thousands of devices to audit in a 
single ­engagement.

Additional best practices for consideration in a network audit include the following:

• Distinguish between on-premises and remote hardware. Also, keep in mind that many devices (such as an employee’s personal phone) may be connected only ­intermittently to the network.

• Network devices should be inventoried, including their location.

• Check the last time the device was updated or replaced.

• Check how the life cycle of a device is tracked and what end-of-life device ­management is employed.

• Properly label devices with a physical ID tag.

• Make sure device’s environmental conditions are adequate, such as network closet temperature.

• Check if a self-assessment on network risks is performed by the business.

• Ensure that data are secure both while in motion on the network and at rest on network endpoints.

• Verify which authentication protocols are in place to grant network access.

• Don’t reinvent the wheel. There are network audit checklists readily available through professional organizations and standard boards