Security management is very much required, in fact essential, if you are doing a large scale business or responsible for the security. In this article we discuss about some steps that can be considered for increasing the security (and you might have issues with some of the steps, or perform some additional steps):
- There might be a lot of unwanted people from whom you wish to keep your network and database safe. For this purpose a strong network guard must be used with an equally strong firewall and proxy.
- Here the basic anti – virus software would not work. You have to go for strong antivirus packages. There are separate internet security software packages also.
- Stronger passwords can be used for authentication purpose and it should be changed on a bi – weekly or a weekly basis if a wireless connection is being used. The password must be robust and follow the protocols to prevent the password from being guessed.
- A network analyzer can be created for the purpose of monitoring the network. It can be used as and when required.
- There are certain physical security precautions that can be exercised for the employees.
a) Physical security management techniques can be implemented such as the closed circuit television for the zones that are restricted with security viewing these videos.
b) The perimeter of the company can be marked by security fencing backed up closed circuit television cameras.
c) The security rooms and the server rooms are fire – sensitive and so they should be equipped with fire extinguishers.
d) Physical security can be maximized with the security guards who have been given specific protocols to follow.
Some of the above points hold good for large govt. institutions and schools too. School networks can put up a firewall and proxy that is adjustable for restricting outsiders from accessing the database. Schools too need to use strong internet security software packages, also because students tend me to be the most curious and prone to using software that may have viruses or worms. Librarians, administrators, and teachers should constantly supervise the network to provide guarantee protection against security threats. An internet usage policy that is easy to understand, accept and enforce for differentiating between the personally owned and school owned devices. for the institutes that provide higher education must implement the FERPA compliance. Large govt. agencies should also use stronger firewalls and proxy for keeping the intruders at bay. Strong encryption must be done for safe–guarding the communication. The wireless connection must be authorized in whitelist. Others should be blocked. All of the networking hardware must be deployed in secure zones. A private network should be created up on which all the hosts should reside after which they won’t be visible to the outsiders. Security management procedures that are used by various organizations include risk analysis, risk assessment, classification of information, and categorization of assets, and rating the vulnerabilities of the system. These measures are followed for the implementation of the effective controls. The principles of the risk management are followed for managing the security threats. The types of the security threats can be classified in to two broad categories namely the external security threats and the internal security threats.
Avoiding the possibility of creating any opportunity for attackers is the best thing to do in the first place. The effectiveness of the controls that are used for controlling these threats is assessed. The consequences of the risks are also assessed. The risks have to be prioritized as per the impact they can have on the security system.
- There might be a lot of unwanted people from whom you wish to keep your network and database safe. For this purpose a strong network guard must be used with an equally strong firewall and proxy.
- Here the basic anti – virus software would not work. You have to go for strong antivirus packages. There are separate internet security software packages also.
- Stronger passwords can be used for authentication purpose and it should be changed on a bi – weekly or a weekly basis if a wireless connection is being used. The password must be robust and follow the protocols to prevent the password from being guessed.
- A network analyzer can be created for the purpose of monitoring the network. It can be used as and when required.
- There are certain physical security precautions that can be exercised for the employees.
a) Physical security management techniques can be implemented such as the closed circuit television for the zones that are restricted with security viewing these videos.
b) The perimeter of the company can be marked by security fencing backed up closed circuit television cameras.
c) The security rooms and the server rooms are fire – sensitive and so they should be equipped with fire extinguishers.
d) Physical security can be maximized with the security guards who have been given specific protocols to follow.
Some of the above points hold good for large govt. institutions and schools too. School networks can put up a firewall and proxy that is adjustable for restricting outsiders from accessing the database. Schools too need to use strong internet security software packages, also because students tend me to be the most curious and prone to using software that may have viruses or worms. Librarians, administrators, and teachers should constantly supervise the network to provide guarantee protection against security threats. An internet usage policy that is easy to understand, accept and enforce for differentiating between the personally owned and school owned devices. for the institutes that provide higher education must implement the FERPA compliance. Large govt. agencies should also use stronger firewalls and proxy for keeping the intruders at bay. Strong encryption must be done for safe–guarding the communication. The wireless connection must be authorized in whitelist. Others should be blocked. All of the networking hardware must be deployed in secure zones. A private network should be created up on which all the hosts should reside after which they won’t be visible to the outsiders. Security management procedures that are used by various organizations include risk analysis, risk assessment, classification of information, and categorization of assets, and rating the vulnerabilities of the system. These measures are followed for the implementation of the effective controls. The principles of the risk management are followed for managing the security threats. The types of the security threats can be classified in to two broad categories namely the external security threats and the internal security threats.
Avoiding the possibility of creating any opportunity for attackers is the best thing to do in the first place. The effectiveness of the controls that are used for controlling these threats is assessed. The consequences of the risks are also assessed. The risks have to be prioritized as per the impact they can have on the security system.
No comments:
Post a Comment