Security challenges
- Article 1 of 3
- Enterprise Security, June 2004
As IT has become more and more important to the modern business, so security has become a business issue.
IT security is becoming more and more complex. Viruses, worms, firewall management, patch management, intrusion detection, intrusion prevention: the list of security technologies that IT staff need to manage is long and growing longer every day. What should IT managers do to address these growing challenges?
There are three points to consider: management, technology implementation and policy design. In many cases, a network (and any existing IT security approaches) will have evolved over time, with users, applications, data, wireless links, and so on being added or removed on an ad hoc basis, often with little thought for security. Initially, organisations should begin by identifying and dealing with such points of weakness and implementing a structured management process.
Risk assessment
Conducting a risk assessment - a crucial first step - begins by understanding the configuration of IT and data, and grading the level of protection given to resources. Once common vulnerabilities have been identified, organisations can make simple corrections, such as amending access rights and privileges and installing security-related software patches - and putting in place the business processes to ensure that these are implemented on a regular basis in future.
The organisation can then set a baseline for testing and alerting, use reporting tools to audit against that baseline, and look at how changes to people and processes can bring systems into line with the security policy.
Decisions also need to be made about what else to protect. Security involves compromises, and organisations need to identify which parts of their networks are most at risk, then patch and protect these accordingly.
Devices operating in isolation are no longer sufficient. An integrated approach is necessary, with two or three different solutions required to make sure malicious code does not compromise the whole network.
Vulnerability assessment
Analysis must also be ongoing. Risks continuously evolve and security should be checked regularly by locating where information is stored, understanding the security measures that are currently in place to guard that information and identifying areas of weakness and suspect configurations that place information at risk.
Some organisations, such as online gambling company Blue Square, take no risks at all. Blue Square conducts vulnerability assessment tests every week and it does not rely solely on automated tools, but employs outside security specialists.
IT managers also need to ensure that the technology used is intuitive. Platforms that can simplify the deployment, configuration, management and updating of security tools are vital, since an administrator has to be able to install and configure multiple security tools without having to learn multiple interfaces.
In particular, the enforcement and implementation of security policies must be straightforward, as should the task of making modifications to the security that reflect changes in the business environment. Equally, the ongoing task of updating both security software and 'attack signatures' associated with intrusion detection systems must be manageable for administrators.
