    • #1554828
      Leos Marek
      Moderator
      Member Points: 25,007
      Author of Year 2020, Author of the Year 2021
      Rank: 4

      Hello folks,

      I’d like to hit you with a sort of brainstorming. Let’s say I am an IT provider for the SMB sector and I’d like to offer my services to a completely new customer. I have 0 knowledge about his IT environment, online services, etc. What would be your approach in making your first move with auditing such a customer?

      Points in my mind:

      1. Try to gather as much information from the customer (servers, services, etc).
      2. Connect my PC to their network, see what IP I get, what is gateway and DNS.
      3. Assume the DNS is also AD server.
      4. Check WAN connection, active network devices.
      5. Run network scanner to acquire live machines, ideally something like Angry IP or NMAP.
      6. Check with the customer if he knows the devices.
      7. Identify all devices, run HW scan.
      8. Run installed SW scan, check all paid licenses with customer, ask for certificate of purchase.
      9. Ask for known providers, contacts, online services in usage.
      10. Webhosting/domain/O365 logins.
      11. Servers:
        1. licenses, 3rd party SW & support
        2. other features in usage
        3. backups
        4. shares for users
        5. firewall config, GPO security baseline
      12. PCs:
        1. licenses, HW support (warranty), HW audit
        2. All SW installed, license keys
        3. assign user to a device

      I will be really grateful for anything others might add.

      Thanks, Cheers

      Leos
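      Steps 5 and 6 of the list above (scan for live machines, then check them with the customer) amount to a reconciliation between scan output and the customer's device list. The following is an added example, not part of the original post: it parses Nmap grepable output (`nmap -sn -oG -`) and compares it with a device list. The sample scan, the CSV layout and all addresses and names are constructed assumptions.

```python
import csv
import ipaddress
import re

# Constructed sample: grepable ping-scan output in the shape `nmap -sn -oG -` emits.
SAMPLE_SCAN = """\
# Nmap scan initiated as: nmap -sn -oG - 192.168.10.0/24
Host: 192.168.10.1 (gw.example.lan)\tStatus: Up
Host: 192.168.10.10 (dc01.example.lan)\tStatus: Up
Host: 192.168.10.57 ()\tStatus: Up
Host: 192.168.10.90 ()\tStatus: Down
# Nmap done: 256 IP addresses (3 hosts up)
"""

# Constructed sample: device list supplied by the customer (assumed CSV layout).
SAMPLE_INVENTORY = """\
ip,device
192.168.10.1,ISP router
192.168.10.10,Windows Server (AD/DNS)
192.168.10.20,MFP printer
"""

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Status:\s+(\w+)")

def parse_live_hosts(scan_text):
    """Return {ip: hostname} for hosts reported as Up; skip comments and Down hosts."""
    live = {}
    for line in scan_text.splitlines():
        m = HOST_RE.match(line)
        if m and m.group(3) == "Up":
            live[m.group(1)] = m.group(2)
    return live

def load_inventory(csv_text):
    """Return {ip: device description} from the customer's list."""
    rows = csv.DictReader(csv_text.splitlines())
    return {row["ip"].strip(): row["device"].strip() for row in rows}

def reconcile(scan_text, inventory_csv):
    """Bucket addresses: on the wire but undocumented, documented but silent, both."""
    live, known = parse_live_hosts(scan_text), load_inventory(inventory_csv)
    order = lambda ips: sorted(ips, key=ipaddress.ip_address)  # numeric IP order
    return {"unknown": order(set(live) - set(known)),
            "not_seen": order(set(known) - set(live)),
            "confirmed": order(set(live) & set(known))}

if __name__ == "__main__":
    for bucket, ips in reconcile(SAMPLE_SCAN, SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(ips) or '-'}")
```

      The "unknown" bucket is the list to walk through with the customer; "not_seen" entries may simply be powered off or may block ping.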

    • #1554829
      Michael Pietroforte
      Keymaster
      Member Points: 40,314
      Author of the year 2018
      Rank: 4

      That’s quite a comprehensive list you have there. My guess is that most of your customers will tell you that they must have an Excel sheet with their network documentation somewhere and that they will contact you as soon as they have found it. 😉

      Seriously, I’d say the questions you need to ask depend very much on the service you provide. Ask only what you really need to know to get the job done. This is your customer, don’t make them work for you.

    • #1554841
      Leos Marek
      Moderator
      Member Points: 25,007
      Author of Year 2020, Author of the Year 2021
      Rank: 4

      I can tell you that it is not the case. The people I come in contact with, usually owners of smaller companies, do take care about every dime they spend. So they usually know what they pay for and to whom.

      For example, one of the customers has dozens of old CDs and licences, but when we were looking for the Outlook 2013 licence they had on the PC, they claimed to know nothing about it, but two weeks later we found the license bound to the owner’s MS account.

      I don’t want my customer to work for me, but also, I want to provide professional services. If I come to a new door, and I am supposed to sign a contract with that door, I need to ask the customer for the licenses they have, and they need to provide them. Otherwise, it might be the case that they did not obtain them legally and I don’t want to have anything in common with such a case. So, they either have the license certificate, or they need to buy a new one.

      Maybe my post said “ask customer” multiple times, but in the end it’s all about the licenses, access to online services, etc.

    • #1554842
      Michael Pietroforte
      Keymaster
      Member Points: 40,314
      Author of the year 2018
      Rank: 4

      I don’t think that you are liable with regard to the licenses. You could also ask if they have stolen all the PCs in their network and demand to see the receipts.

      What I meant is, you only need to ask for information that is required for the job. If they hire you to deploy a new web server, you don’t have to run a network scanner. So it really depends…

      • #1554843
        Leos Marek
        Moderator
        Member Points: 25,007
        Author of Year 2020, Author of the Year 2021
        Rank: 4

        From a legal perspective, you are right. I can hardly be sued by the government for such misuse. But from a co-operation perspective, the customer will try to point the finger at you/me. I have already experienced this. And for that reason, I want to be covered.

        What the topic was about is that I am signing an agreement with a customer to provide him IT services. Not a one-time job. And my goal is to provide top-notch services, with added value, not just deploy something and go away.

    • #1554844
      Paolo Maffezzoli
      Participant
      Member Points: 80,006
      4sysops member of the year 2018, Member of the Year 2019, Member of the Year 2020, Member of the Year 2021, Member of the Year 2022
      Rank: 4

      Here are some various points to add about IT audit:

      Data Center

      – Check physical security
      – Audit access Logs
      – Air conditioning (if possible with redundancy)
      – System for environmental controls (smoke detectors, water, etc.)
      – Fire protection system
      – Uninterruptible Power Supply (UPS)
      – Monitoring of temperature and humidity

      Network devices
      – Installed printers (local and MFP)
      – Access Points
      – Voice and video systems

      • #1554845
        Leos Marek
        Moderator
        Member Points: 25,007
        Author of Year 2020, Author of the Year 2021
        Rank: 4

        Thanks Paolo, really useful. Anything else in your mind?

        cheers

        L

        • #1554846
          Paolo Maffezzoli
          Participant
          Member Points: 80,006
          4sysops member of the year 2018, Member of the Year 2019, Member of the Year 2020, Member of the Year 2021, Member of the Year 2022
          Rank: 4

          For the local network, it can be useful to have a network discovery tool to identify and design the LAN topology, and to have an assessment to identify Access Points, Switches, Routers etc. Consider also auditing the Network Bandwidth Demands.

    • #1555439
      Anonymous
      Inactive
      Member Points: 0
      Rank: 1

      Hello Leos,

      Your point 2. seems useless to me because you can use one of their machines to do that task and because you are looking at the server later on your list, so you are doing the same job twice. A majority of the time, they have a configuration of one server that does everything, a switch that is most likely not configured and non-manageable, and the ISP router. SMBs are rarely investing right off the bat in IT equipment.

      Like Michael said, take the information you really need. Having all the hardware and software information will serve what purpose? If I were to take over a company IT department, I’d ask my customer if he has other paid support like Xerox. That helps to draw a line on what’s your responsibility.

       

      Steven

      • #1555442
        Leos Marek
        Moderator
        Member Points: 25,007
        Author of Year 2020, Author of the Year 2021
        Rank: 4

        Hello Steven,

        well, I like to use my own management machine for such actions as I already have all the needed tools installed. You can’t read everything from the server, like devices with fixed IPs (a Wifi antenna, for example), unless you do an IP network scan.

        What is the purpose of having a HW/SW inventory? I’d say that is standard information every company should have. Same as you have evidence of your employees, properties, cars, etc. There are some legal things each company has to follow. From a given yearly company $ income you are also obliged to have external auditors. And simply, because I like to do my job properly. If I am supposed to support someone, I need to know that their environment is in a specific condition and that they have legally purchased the software. Why should I support something that was not legally obtained?

        If you follow any IT best practices (ITIL, CIS Controls) then HW/SW audit is one of the main points you have to take care about… There are many reasons for that. One might be that you should simply know what software with what versions you have in your environment, so you can react to security threats or update outdated SW versions…

      • #1555446
        Leos Marek
        Moderator
        Member Points: 25,007
        Author of Year 2020, Author of the Year 2021
        Rank: 4

        “SMBs are rarely investing right off the bat in IT equipment.”

        Well, that’s right on one point. On the other hand, the reason is simple. They will tell you that they are an SMB, they are not attractive to attacks or whatsoever. But then they do not realize that most of the attacks can come from their own employees. Like an unsatisfied person selling all the data to someone else, because they know nobody is tracking the data movement and no one can ever find out who did it…

        BUT – these things are not a matter of cost… You can accomplish such things with your single Windows Server license, if you know how.. 🙂

    • #1557684
      Elalamein
      Participant
      Member Points: 100
      Rank: 2

      Hi All,

      Another thing you might want to know is who has managed the network up to that point and how privacy is managed (e.g. GDPR or similar).

      Also, understanding if there is a network management system would be useful … (e.g. Total Network Inventory or IT Asset Tool or Observium)

       

       
