Protecting more than just your network

Many organizations, especially smaller business with limited budgets and limited IT personnel, do not understand the importance of Network Security.

Network Security on its lowest level means:

  •  Protecting your network infrastructure from viruses and intrusion from the outside world.

But it is more than just protecting your computers and your network from a virus or a hacker. It also means, and this is more difficult, protecting your business. 

Securing the network infrastructure seems to be an easy undertaking. You may install a firewall, setup proxy servers, etc. and even deploy the latest virus protection software or appliance.

Today more harm is done from within an organization than from the outside world, due to missing policies, policies not being enforced and not knowing the policies. 

Security policies lay down the fundamentals like:

  • Firewalls, their deployment, monitoring and maintenance
  • Intrusion detection systems
  • Anti Virus Software
  • Backup and restore procedures
  • Data Center access controls
  • System administration checklists and system access control
  • Other requirements may apply, depending on your business complexity (SOX, HIPPA, PCI, etc.)

 I have seen security policies that were long and complex, using lots of technical terms the average user would not understand. What happens to these security and operation policies? Nothing, due to its complexity they will not be read and collect dust somewhere and there for they are not enforced and/or followed.

It is imperative to not only keep all policies short and easy to read and understand, but only to distribute policies as required. The average day-to-day user does not need to know how your firewall must be configured and how often virus signature updates are performed.

CO-016-0407 A good and effective security policy …

… is a policy that will be read and can be understood and followed!

… will protect your IT Infrastructure and your Business!

 



Like