Home » Computers » Security

Don't Take Security Off Your Priority List

Oct 12, 2007
With the advances of technology and the media hype surrounding security risks, one would assume that security would always remain at the top of Organizations' priority lists.

Security assessments are conducted for our clients to provide them with a snapshot of their security postures, assessing their overall information security programme and corporate governance.

The trends identified security specialists include the following:

Technology is not enough
Organizations' views on security are still primarily focused on hardware and software instead of implementing defence-in-depth strategies. IT departments authorise reactive short-term fixes without looking at the full context of any incidents, or they rely heavily on technology in lieu of programmes that include components of risk management, process, organisation and people.

Organizations rely heavily on security perimeter technologies such as perimeter firewalls and VPNs, with much less focus on internal security. Perimeter technologies need to be expanded and the focus needs to be on internal security measures, such as Internal Segmentation, Intrusion Prevention, Vulnerability Management and Admission Control.

Organizations are realising that in today's business environment, "an internal network is not much safer than an external network". Enterprises are required to provide more users with access to their network and information resources; they have to manage multiple levels of access to their information resources, based on the users' roles and responsibilities, whether it is for customers or business partners requiring access to information, or for mobile users requiring access to applications from outside the enterprise's walls, to name but a few.

People and Organizations can have a big impact
Few Organizations have incorporated internal security training and awareness programmes into their overall security strategy.

Most end-users and business managers have not been made aware of the security risks of accessing the corporate network while working from home or on the move, and how this can impact the organisation.

Organizations can implement as much security technology as they deem necessary, but without making the end-user aware of how their actions can pose a security risk, technology has a limited effect.

Compliance does not equal security
Organizations in general have yet to accept risk management and corporate governance as core to their overall security programmes and there is still a lot of work to be done involving top management.

Traditionally, security has been left in the hands of the IT department. As such, top management is not really involved in the overall risk management plan of the organisation as it relates to IT security.

There is a considerable lack of awareness among business managers regarding how security impacts the organisation. Most business managers also equate compliance with security, to the detriment of the organisation which is often the case.

The Sarbanes-Oxley Act dictates that Organizations need to control access to their systems and also report on the users who have accessed the different systems. To enable this, security tools are required. This doesn't necessarily mean that the organisation is free from hackers, spyware and all other security issues. It just means that the organisation has the ability to check and identify users who access specific systems.

Processes are key
Companies in general demonstrate few efforts around security programme assurance, event logging, incident reporting and pro-active response activities. As such, many Organizations do not have an information security strategy that details processes to further ensure complete security.

Some companies also implement the best security technology available on the market, without having the people or the skills to properly manage these tools, and to ensure that proper processes are followed. A practical example is where users make changes on the network. However, without a change management process in place, this may pose a security risk.

While Organizations often increase spending on security technologies, the number of incidents continue to rise, which shows that a holistic and proactive approach to security is the best way forward.
About the Author
Datacraft is the leading independent IT services and solutions company in Asia Pacific. Datacraft combines an expertise in networking, security, Microsoft solutions, storage and contact centre technologies, with advanced skills in consulting, integration and managed services, to craft IT solutions for businesses.
Please Rate:
(Average: Not rated)
Views: 267
Print Email Share
Article Categories
    • Artists
    • Gambling
    • Humanities
    • Humor
    • Movies
    • Music
    • Photography
    • Tattoos
    • Television
    • Classic Cars
    • Motorcycles
    • Recreational Vehicles
    • SUVs
    • Trucks
    • Vans
    • Branding
    • Business Opportunities
    • Careers and Jobs
    • Corporate
    • Customer Service
    • Direct Mail
    • Entrepreneurship
    • Ethics
    • Financing
    • Franchising
    • Home-Based Business
    • Human Resources
    • Import and Export
    • Leadership
    • Management
    • Market Research
    • Marketing and Advertising
    • Negotiation
    • Network Marketing
    • Networking
    • Organizational
    • Presentation
    • Project Management
    • Public Relations
    • Small Business
    • Strategic Planning
    • Team Building
    • Telemarketing
    • Training
    • Ask an Expert
    • College and University
    • Home Schooling
    • K-12
    • Languages
    • Online Education
    • Psychology
    • Accounting
    • Credit
    • Currency Trading
    • Debt Consolidation
    • Insurance
    • Investing
    • Leasing
    • Loans
    • Mortgage
    • Mutual Funds
    • Personal Finance
    • Stock Market
    • Structured Settlements
    • Taxes
    • Wealth Building
    • Coffee
    • Cooking
    • Gourmet
    • Recipes
    • Wine and Spirits
    • Acne
    • Aerobics
    • Alternative Medicine
    • Beauty
    • Cancer
    • Cosmetics
    • Depression
    • Diabetes
    • Diseases and Conditions
    • Fitness Equipment
    • Fitness
    • Hair Loss
    • Heart Disease
    • Medicine
    • Men's Health
    • Muscle Building
    • Nutrition
    • Skin Care
    • Supplements and Vitamins
    • Weight Loss
    • Women's Health
    • Yoga
    • Arts and Crafts
    • Babies
    • Collecting
    • Elderly Care
    • Genealogy
    • Hobbies
    • Parenting
    • Pets
    • Pregnancy
    • Woodworking
    • Feng Shui
    • Gardening
    • Home Appliances
    • Home Security
    • Interior Design
    • Landscaping
    • Affiliate Programs
    • Article Marketing
    • Auctions
    • Audio
    • Banner Advertising
    • Blogging
    • Broadband
    • Domain Names
    • E-Books
    • E-Commerce
    • Email Marketing
    • Ezines and Newsletters
    • Forums
    • Internet Marketing
    • Link Popularity
    • Pay-Per-Click
    • Podcasting
    • RSS
    • Search Engine Marketing
    • Search Engine Optimization
    • Security
    • Social Media
    • Spam
    • Video
    • Viral Marketing
    • Web Design
    • Web Development
    • Web Hosting
    • Copyright
    • Cyber Law
    • Intellectual Property
    • National, State, Local
    • Patents
    • Regulatory Compliance
    • Trademarks
    • Buying
    • Selling
    • Baseball
    • Basketball
    • Boating
    • Cycling
    • Extreme Sports
    • Fishing
    • Football
    • Golf
    • Hockey
    • Hunting
    • Martial Arts
    • Running
    • Scuba Diving
    • Soccer
    • Swimming
    • Tennis
    • Dating
    • Divorce
    • Marriage
    • Weddings
    • Astrology
    • Buddhism
    • Christianity
    • Faith
    • Hinduism
    • Islam
    • Judaism
    • Meditation
    • Metaphysical
    • New Age
    • Cable and Satellite TV
    • Cell Phones
    • Communication
    • Gadgets and Gizmos
    • GPS
    • Satellite Radio
    • Video Conferencing
    • VoIP
    • Addictions
    • Coaching
    • Goal Setting
    • Motivational
    • Stress Management
    • Time Management
    • Clothing
    • Electronics
    • Fashion
    • Gifts
    • Jewelry
    • Causes and Organizations
    • Environment
    • History
    • Holidays
    • Men's Issues
    • Nature
    • Philosophy
    • Politics
    • Women's Issues
    • World Affairs
    • Air Travel
    • Camping
    • Cruises
    • Destinations
    • Outdoors
    • Article Writing
    • Book Reviews
    • Copywriting
    • Fiction
    • Non-Fiction
    • Poetry
    • Quotes
    • Screenplay
    • Tools and Resources