13.14 Conclusion

 < Day Day Up > 



To protect valuable information, companies must establish a sound security policy before an intruder has an opportunity to violate the network and do serious damage. This means identifying security risks, implementing effective security measures, and educating users on the importance of security procedures. There is no way to bypass the human element—a commitment to secure computing and networking must be made at all levels of the organization if security provisions are to have the desired effect.

Ignoring security issues can result in information theft, malicious file tampering, and snooping by intruders inside and outside of the organization. In trying to deal with the consequences of leaked information, a company can experience immediate financial loss and, in the long term, damage to its competitive position. Depending on the nature of the security breach and the kind of information involved, such laxity can even expose the company to litigation, forced settlements, and government fines.

Few companies would dispute the need for a secure enterprise network, particularly with the growing number of telecommuters and mobile professionals who need remote access to the corporate network, typically through Internet connections. But security is a full-time endeavor that requires a proactive approach, specialized technical staff, and appropriate tools. Many small to mid-size businesses do not have the expertise to set up and manage firewalls and intrusion detection systems. Such organizations should consider outsourcing security to a qualified third-party firm.

Other companies do have the technical expertise on staff to set up their own security systems, but even these firms often need help in assimilating the information generated by these systems so they can respond to possible threats in a timely and appropriate way. The sheer volume of information that security systems generate, often hundreds of pages, is what really needs to be managed. If a company is fully capable of setting up and managing its security systems but is not able to keep up with the volume of information, then only this component need be outsourced. There are security firms that provide a monitoring, alerting, and reporting service without forcing companies to subscribe to a fully managed solution. This arrangement helps companies keep their costs down, while allowing them to reap the full advantages of their investment in security systems.



 < Day Day Up > 



LANs to WANs(c) The Complete Management Guide
LANs to WANs: The Complete Management Guide
ISBN: 1580535720
EAN: 2147483647
Year: 2003
Pages: 184

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net