|
Security
Dynamics
Network
security is about setting up a defence mechanism. It is more
than just the security measures provided by most applications
like passwords, etc. In the name of security two things are
happening today. While on one hand most companies are avoiding
connecting their LANs directly to the external environment, on
the other some have installed firewalls in the critical servers
on their network. "However, all this is not foolproof and
sufficient," explains Balakrishnan R, COO, Euclid. "A
firewall is only a tool and it needs to be implemented aptly
using security policies and procedures."
Infosec is more about a
well-formulated policy than technology deployment. It is about
allowing universal access. It is about understanding the user's
need and what is provided by way of technology. In toto, a
security policy is about understanding business operations,
applications and usage, and building a framework around this. A
crucial step in this regard is to pinpoint the vulnerabilities,
understand how susceptible the network is to a security
infringement, monitoring of potential risk factors such as VPNs,
cable modems, and mobile users, and to have intrusion detection
mechanisms in place to respond quickly and effectively. And most
importantly, it needs to be seen that the bandwidth is not
clogged.
It is not so easy as on
one hand domain expertise is needed, and on the other, it is a
process involving people from the top to bottom to define a
security policy and how to manage it. Formulation of a security
policy does not end with mapping; it demands defining a security
scheme-password allocation, backing up of data, and so on. This
is a cumbersome process and therefore, most companies are
sulking. Whatever the specs, it is crucial to develop a security
strategy that addresses the network as a single entity. Anything
short of a comprehensive solution leaves the network vulnerable.
Internet Security Systems (ISS), a leading player in the
security arena, professes that the key to creating useful,
transparent, and enforceable network security comes from
adopting a process that provides broad-based needs input,
careful identification of network resources and access
requirements and data-driven implementation and management
services.
Another important factor along with the
security is a business continuity planning. It is the surrogate
capability available in the event of a disaster. Business
continuity planning seeks to preserve the assets of an
organization in the event of a disaster: Its capability to
achieve its mission; its operational capability; its reputation
and image; its customer base and market share and; its
profitability. Page(s) 1 2
|
Print
Comment
Email
Digg
Del.icio.us
Reddit
