Scoping2018-10-09T13:16:00+00:00

Scoping

Texaport provides Scoping documents for clients to help identify and confirm their digital and physical assets

Scoping

When considering Cyber Security vulnerability, businesses first need to identify their hardware, software, users, processes, procedures and access to data.

Texaport work with clients to complete detailed “Data Scoping” documents which help to identify, locate and “map out” data throughout the organisation. This data can take many forms and be scattered throughout the organisation so will involve a cross-department approach to complete.

Once data has been scoped throughout the organisation Texaport can work with clients to ensure compliance with regulations and standards as well as improve their security posture.

Data Scoping

Texaport provide a “Data Scoping” document to Clients which should be completed with all company information assets including (but not limited to):

  • Supplier Data
  • Client Data
  • Employee Data

An alternative to the data scoping document could be an up to date “Information Asset Register”.

This helps clients confirm the data which they control or process on a regular basis and highlights potential vulnerabilities.

Hardware Scoping

Texaport provide a “Hardware Scoping” document to Clients which should be completed with all company assets including (but not limited to):

  • End-Points (PCs, Macs, Laptops, Desktops etc)
  • Servers
  • Network Infrastructure (Switches, Routers, Firewalls)

Clients will usually be aware of most devices, but working cross-departmentally can usually highlight devices which are unknown for the rest of the business and present potential vulnerabilities.

Service Scoping

Texaport provide a “Service Scoping” document to Clients which should be completed with all the services used by the company including (but not limited to):

  • Line of Business Software
  • Microsoft Office
  • Accounting Package
  • File Storage
  • Access Control
  • Security Software
These services can be used to control or process the data held by clients this can include financial data, client history, personal data, email communications and other sensitive data.

Access Scoping

Texaport provide an “Access Scoping” document to Clients which should be completed with all users access levels to each system and service used by the company including (but not limited to):

  • Line of Business Software
  • File Storage
  • Cloud Software
  • Accounts
  • Social Media
  • Marketing software
  • Client Services

Users should only have access to the systems and “privilege” levels which are required to perform their job. Administrator access should be limited and avoided to prevent irreversible changes and unrestricted access to company data and devices.

Scope

Audit

Report

Implement

Review