|
IT security has become a major, yet often neglected, theme in IT planning. Surveys carried out by reputable international firms reveal that 75% of workers from all walks of life have never received any type of training on how to use e-mail and the Internet to minimize security threats to the entity’s network. Our own experience shows that often employees are not told about the part they can play in avoiding infecting the network with downlodable Internet files or dubiously titled e-mail attachments. Naturally, this is just the tip of the iceberg – there is much more about IT security.
We can segment the topic in four parts:
- Restriction services, such as anti-virus protection
- Operations, such as asset management
- Privacy and physical security
- Recovery services, such as disaster recovery and business continuity
Following recent tragic events around the world, be they terrorism or natural disasters, many companies had to rethink their continuity plans and renewed importance has been given to disaster recovery. Also, the Y2K issue drew considerable attention to contingency planning.
Whilst back-ups are a fundamental part of any continuity strategy, other important services can be built as additional security. These include stand-by servers and workstations, stand-by fax machines and phones. Having back-up facilities in a separate location from the company’s main offices is also good practice but care must be taken to ensure that offsite data storage is physically secure and reliable. You also have to ensure that back-up is taken frequently.
There are different tiers of back-up storage. These range from mirrored storage, which gives a near-real-time of the live system, to snapshots of data taken at certain intervals.
E-business security has also had to be rethought with the advent of broadband Internet connections, VPN’s and remote-access becoming standard for most businesses. E-business security cannot be achieved by simply deploying products such as firewalls. It must comprise management processes, working procedures and defensive measures. It has to address:
- Security of processors and stored data
- Security of information on the network, in particular websites
- User management and access control
- Security management, including creating and maintaining security policies, analyzing and monitoring corporate systems
IT security is a complex technological challenge. Whilst our specialists can help businesses through security audits and reviews, employee training is essential. They need to understand the steps they can take to minimize the ever-growing number of virus and bandwidth threats that come with Internet and e-mail use at the workplace.
|
Services 