2016 State IT Security Review

Agency: State-wide Report Date: July 27, 2016
Type: IT Security Review LAFRC Date: October 13, 2016
Issued By: ManTech International Corporation Period: January-March, 2016

 

 

 

 

 

[pdf] Download Report

 

Executive Summary

During the months of January, February and March 2016, ManTech performed an external/internal vulnerability assessment of the State of North Dakota’s statewide computer network and application security assessment of the States Work Force Safety web application. In March 2016, ManTech performed multiple penetration testing scenarios against the State's internal network.

 

Findings

  • Enforce a Structured Enterprise Patch Management Program
  • Provide Additional Training to Staff
  • Update, Finalize and Enforce Policies and Procedures
  • Review and Update all Encryption
  • Create, Follow and Enforce an Effective Continuous Monitoring Policy and Procedures