|
Network
Security
Network plays a major role
in an organization and the computer software systems fail as the
data may be stored on different servers on the network.
These policies and procedures shall include infrastructure
management processes, change management processes. As more
organizations are going wireless, the organizations must address
wireless networking as well as the conventional Local Area network.
Consider using Firewalls – either software of hardware.
Implement industry standard authentication and encryption methods
and perform a self-audit on a regular basis to locate any
unauthorized devices.
The software vendors,
both OS and application vendors, continuously upgrade their software
by providing patches for the security faults found in their
software. These patches are made available free of cost by these
vendors. You are expected to update the same once they are available
on the net. Ensure that all your software is updated with the latest
patches.
Virus is another culprit, which is an unwelcome guest
and tries to damage the data within the organization and some times
alter the data. Some virus may send data outside with out proper
identification or with stolen Ids. Ensure virus free environment and
discourage users to bring in any unwanted software or games into the
organization.
Web Browser and E-mail Client security shall be
addressed carefully. All software used to access through the
Internet shall be approved by an authorized agency. All files
received through internet shall automatically be scanned for any
virus traces and clean the same, if found infected. The
administrator may be authorized either to reject the mail or delete
the mail or delete only the attachment as per the policy.
If you
require some people to have Remote access Service (RAS) of Web
servers either for the
marketing people on the move or the people who operate from the
houses, take extra care
in creating permissions. There
is considerable risk in this if RAS is not configured properly.
|