August 12, 2021
GRF Cybersecurity Risk Assessment and Scorecard Blog Series
It’s crucial for your organization to have an online presence to effectively communicate your brand and your mission. However, you may not be aware of everything that people can see. If end-users are not able to find your organization online – or they find misleading, incorrect, or damaging information – your organization’s reputation is at risk. Further, you can be liable for the items you own online.
How do you know if you are at risk? Assessing your digital footprint is an essential first step.
What makes up your digital footprint?
For an organization, a digital footprint is comprised of all the information that can be found online that is associated with your organization’s domain name. Many items make up your digital footprint and understanding them is a key step in understanding your cyber posture. Online data is associated with your organization’s digital footprint through several unique identifiers:
IP Address – An IP (internet protocol) address is a numerical label assigned to each device connected to a computer network, so devices online can find and send data to one another. IP addresses use the same principle as a street address, so there can only be one address per device, and it must be unique.
Domain – a domain name is a text version of an IP address, making it easier for humans to recognize. For example, it is easier to remember www.GRFCPA.com than 18.104.22.168. A domain can be the name of your website and it can also be everything after the “@” symbol in your email address.
Subdomain – an independent extension of a main domain. For example, if you have an email associated with your domain name, it might use email.yourdomainname.org. They are a part of your main website but found separately by search engines.
DNS Records– the Domain Name System maps a user-friendly web address to its IP address. The DNS routes end users to your website or application by translating the website name (like www.grfcpa.com) into an IP address, and then making the connection.
Getting Started: How GRF can help
We can help determine your digital footprint by utilizing open ports, services, and application banners. We use a variety of sources to identify all the information that comes from your domain name, including IP, subdomains, DNS records, and more. The resulting analysis gives you an understanding of everything that your organization owns on the internet.
Knowing your digital footprint is one component of creating an effective cybersecurity plan and is part of GRF’s Cybersecurity Risk Assessment and Scorecard, which offers a valuable means of staying on top of rapidly evolving security threats. For more information on our Cybersecurity Risk Assessment and Scorecard, reach out to our Senior IT & Risk Analyst Darren Hulem, CISA, Security +, PCIP, or Risk Analyst Tom Brown, CAPM, through our contact us page.