Welcome Guest. | Log In| Register | Membership Benefits
  • Email this page E-mail this page
  • |  Print Print this page
  • |   Bookmark and Share
  • icon

Locking Up: Security To-Do List


By Karyl Scott
InformationWeek
October 15, 2001 12:00 AM

Most companies are looking more seriously than ever at security, and new initiatives are receiving greater financial support than they have in the recent past. Experts advise businesses to re-evaluate computer security practices in the wake of the Sept. 11 attacks.

  • Check computer security policies and computer security systems to make sure they're in sync.


    More Software Insights

    White Papers

    Webcasts

    Reports

    Videos


    Get a handle on change management with Solidcore Using Web 2.0 technologies, the software can help underwriters streamline their processes with automation, collaboration, and knowledge management capabilites. Splunk wins Best of Interop award. Search capability looks at log data across devices.
    Get a handle on change management with Solidcore
  • Conduct a security audit of policies and systems. The audit will bring to light major network and operating-system vulnerabilities. Review the audit results and set priorities for what needs to be fixed. Tackle the most critical problems first, says George Kurtz, CEO of computer-security consulting firm Foundstone Inc. Once is not enough-run the audits at least annually.

  • Make sure security policies are implemented consistently across departments and computer sys-tems. Internal security gaps, if left unaddressed, provide an easy way for hackers to penetrate IT systems.

  • Make sure IT departments have the latest versions of software, bug fixes, and security patches installed on critical systems. (The Code Red virus was able to spread because many companies simply didn't install a patch Microsoft had made available for its Internet Information Services Web server.) Implement intrusion-detection software that automatically scans a network for attempted incursions.

  • Don't scrimp on security expertise. If you haven't already, create a chief security officer position and make sure the administrators managing key networks and applications are fully trained. An improperly configured router or firewall can provide just the sort of open door a hacker needs to slip in undetected.

  • Implement behavioral security measures that monitor employees' use of technology resources. If someone's behavior deviates from normal practice, says Christopher Darby, CEO of security consultant @Stake, investigate the situation.

    close this window


    • Subscribe to RSS


    Advertisement

    CAREER CENTER
    Ready to take that job and shove it?



    TechCareers

    SEARCH
    Function:

    Keyword(s):

    State:
    SPONSOR
    RECENT JOB POSTINGS
    CAREER NEWS
    10 Search Engines You Don't Know About
    Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

    Yahoo Profits Fall 23%, Cuts 1,000 Jobs
    Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

    More articles from our career center





    Subscription Info
    Apply for a free 52-week subscription to InformationWeek (a $199 value)

    Last Name:

    First Name:

    Title:

    Company Name:

    City:

    Business Address:

    Zip:

    State:

    Email Address:

    NOTE: Offer valid for U.S., U.S. possessions, & Canada only