Answer:
The answer lies in getting the right balance. There are four key solution areas for addressing information security threats and risks:
Security policy. Spelling out requirements, policies and ramifications can aid in an organization's cost/benefit analysis. When security policies are set and enforced, a plan is created of which everyone is aware and to which everyone is expected to adhere. The strongest security policies are constantly re-evaluated and measured in order to gauge their success.
Firewalls and Anti-Virus tools. While not complete when used alone, firewalls and anti-virus software are an important first step. Systems put in place in order to provide a barrier between an organization's internal information and files and external Internet users help to keep company information protected internally and to block external data and materials that may be harmful to the IT infrastructure. Similarly, scanning and blocking known viruses will reduce the loss from hackers when the signatures are identifiable.
Constant assessment. Only organizations that constantly assess, analyze and then administer their IT infrastructures can set benchmarks for security, monitor security progress and determine security success.
Making system administrators responsible for security. In addition to empowering their IT professionals to protect the infrastructures they administer, organizations should be certain to also provide the time, training and resources necessary to allow system administrators to be effective system security officers.
While no system, software or security policy is infallible, when combined to create an overall security management plan, these solutions can help organizations ensure that their systems and networks are secure.
About BindView Corporation
BindView Corporation, the worldwide leader in providing host-based vulnerability assessment software, delivers proactive security management solutions to help safeguard computer systems and networks from security breaches before they occur. Unlike traditional approaches, the company's solutions work from the inside out to help protect business systems from both internal and external threats, thus reducing business risks. BindView's suite of cross-platform software and associated services help secure, automate and reduce the costs of managing information technology infrastructures. More than 20 million licenses of our solutions have been shipped worldwide to approximately 5,000 companies, including more than 80 of the Fortune 100 and 24 of the largest 25 U.S. banks. Contact BindView via e-mail at info@bindview.com or visit BindView's World Wide Web Site at http://www.bindview.com. BindView can also be reached at (800) 749-8439 orat (713) 561-4000.
First published on BankersOnline.com 6/3/02
print
share