IT Infrastructure Security - Under the Magnifying Glass...
by Skeleton Star
What are the risks?
- The disgruntled insider who has an attitude and wants to cause some damage. Since they are familiar with and usually have access to systems and hardware, the potential for damage can be huge.
- Corporate espionage. There is a legitimate practice called "Competitive Intelligence", but there are also illegal measures taken and funded by competitors.
- Threats of infection caused by hackers and/or cyber-terrorists.
What are the potential consequences?
- Loss of information assets: intellectual property and trade secrets.
- Loss of system availability due to the result of being "hacked" or infected with a virus.
- Loss of corporate reputation.
- Embarrassment due to being hacked.
- Loss of long-term business future due to inadequate business continuity planning to address a catastrophic event.
How is it usually managed?
Because of the constant barrage of new technology, information security is usually an add-on and not baked into the overall Information Technology (IT) design / infrastructure. It is usually addressed in a piecemeal fashion - one problem at a time. "We have a problem so we buy a solution to specifically fix that problem". With this approach you usually end up with robust security in some areas, and weak or no security in other areas - vulnerable.
|
Compensation Planning Tool All Businesses Need a Methodology to Compensate Their Employees Appropriately... |
Audit Guidelines - IT Be on Top of Your Game! Do NOT Be the Victim of a Poor Audit... |
How should it be managed?
An effectively secured IT Infrastructure must be based upon the same prudent business practices that applied to earlier manual systems; careful definition of individual responsibilities, separation of controls, maintenance of audit trails, protection of vital records, and access to information limited, based on "need-to-know". Successful implementation requires a top-down approach:
- Executive leader championship
- Comprehensive Policy
- Sound business practices with comprehensive controls
- Ongoing program to heighten and maintain employee security awareness
- Periodic reviews or internal audits to provide assurance
Responsibility for IT Security rests with all employees on an ongoing basis.
Skeleton Star is a business whose tagline is: "Providing Business Essentials... Making B2B Easy." Skeleton Star owns and operates several web sites of which the following is key to new entrepreneurs: Business Practices.
The author of this article, at one time, was an IT Staff Auditor for a Fortune 10 company, and later managed the global Information Security Program for the Information Technology organization that supported a Fortune 10 company. Reprinting and republishing of this article is granted only with the above credit included. Permission to reprint or republish does not waive any copyright or other rights.
navigation
random topics
information security basics
export compliance
computer viruses 1
business ethics 1
fax security
Stop SPAMMERS Now
You Need To Check Out This New Software That Just Became Available. It's Called My Contact Station, And It Is An All-In-One Secure Website Contact Solution That Solves The Email Harvesting Problem... Provides An Attractive Interface For Site Visitors... And Installs Easily In A Matter Of Minutes...
Compensation Planning Tool
All Businesses Need a Methodology to Compensate Their Employees Appropriately...
Top of Page | Home | Affiliates | Contact Us | Frequently Asked Questions | Website Overview | Visitor Welcome | Request a Quote | Site Map | Company Policies (last updated 04/14/2008)
Skeleton Star, Inc.
P.O. Box 558
Port Sanilac, Mi. 48469-0558
Support Desk
Copyright © 1999 - 2008 Skeleton Star, Inc. All Rights Reserved.
Sponsored Listings: If you would like to learn how to have your link included below... click here.