Audit all configurations regularly (including servers, firewalls and network components)
A comprehensive audit gives an up-to-date and fair picture of the level of security of all the components as well as their interconnections. This is an inventory of a given moment that allows security improvement actions to be properly prioritised.
The audit will highlight the components or connections that fail to meet the security standards and will change constantly. If repeated regularly, it facilitates a neutral and factual check as well as providing an opportunity for official reporting. Scan your infrastructure regularly for vulnerabilities (e.g. once a month).
Doing a regular check of your configurations helps you to detect possible problems and to remedy them