Agency: | State-wide | Report Date: | July 27, 2016 |
Type: | IT Security Review | LAFRC Date: | October 13, 2016 |
Issued By: | ManTech International Corporation | Period: | January-March, 2016 |
[pdf] Download Report
Executive Summary
During the months of January, February and March 2016, ManTech performed an external/internal vulnerability assessment of the State of North Dakota’s statewide computer network and application security assessment of the States Work Force Safety web application. In March 2016, ManTech performed multiple penetration testing scenarios against the State's internal network.
Findings
- Enforce a Structured Enterprise Patch Management Program
- Provide Additional Training to Staff
- Update, Finalize and Enforce Policies and Procedures
- Review and Update all Encryption
- Create, Follow and Enforce an Effective Continuous Monitoring Policy and Procedures