IT Audit For RED Construction Group

This initiative aimed to evaluate the current IT infrastructure, assess cyber security measures, and ensure the hardware’s suitability for the company’s needs. As an expert IT partner to the construction industry, Akita was able to assist.

IT Audit Objectives

The primary objectives of the audit were to examine the existing network setup and hardware, conduct a cyber security review, assess the compliance and functionality of workstations, evaluate the Office 365 environment, review the Mobile Device Management (MDM) and InTune setup, analyze the domain and disaster recovery plans, and provide actionable recommendations for improvements:

Workstations Findings

The audit revealed that most workstations operated on Windows 10 Pro, which is set to reach its end-of-life in October 2025. An upgrade to Windows 11 Professional was already planned.

The audit highlighted users had full administrator access on their workstations, posing a security risk. The audit recommended restricting users to standard access rights which was carried out

Office 365 Environment

As Microsoft experts, Akita were able to assess the Office 365 environment for licensing, Microosft secure score, and SharePoint usage.

The audit recommended new processes for departing staff accounts to save costs and free up licenses. RED also demonstrated a strong Microsoft secure score, indicating a proactive approach to security measures. SharePoint usage was also deemed to be within acceptable limits.

MDM & InTune

InTune was used as the MDM solution for RED Construction. The audit identified two non-compliant devices and recommended reviewing them. The audit also highlighted the need for increased security and access control for devices accessing company data, which has since been implemented.

Domain and Disaster Recovery

The domain analysis included testing subdomains and geolocation information. The audit identified publicly accessible ports. Remedying this has since increased the organisation’s security profile.

The company’s disaster recovery plan emphasized the importance of minimizing downtime and data loss. Office 365 was identified as a critical provider, with data continuously replicated to multiple database copies in geographically dispersed Microsoft datacentres. It was advised the company review this setup.

Value Of A Comprehensive IT Audit

The IT audit and vCTO guidance provided valuable independent insights into the company’s IT infrastructure.

The audit provided several recommendations to enhance the company’s IT infrastructure. It suggested reducing licenses by converting departing staff accounts to shared mailboxes and considering Business Premium licenses to save costs.

Through implementing the recommendations, RED Construction was able to enhance its security, improve efficiency, and ensure compliance with industry standards – providing a secure and efficient IT environment for further growth.