Evaluating your organization's infrastructure security posture involves a comprehensive review of all of internal and external facets of your infrastructure. Security vulnerabilities can often arise from unexpected areas - for example, one system may be considered secure, but may share information with another system that has not been deemed as needing the same security, potentially creating a hidden vulnerability.

Partners who are given access to an organization's data and systems can be another source of vulnerability. Ensuring just the right levels of access and protection for third parties is critical, both to prevent unauthorized access to internal information and to ward off threats that may arise through these partners' potentially less secure systems.

Another major area of review is the currency of the security components within your infrastructure. What may have been perfectly adequate at the time of implementation may now be less effective - due to internal organizational changes, external changes in the type of threat it addressed, and evolving technologies.