Ten-Minute Guide To Network Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Infrastructure
News
8/29/2005
12:25 PM
50%
50%

Ten-Minute Guide To Network Security

Keeping your network secure is a time-consuming job. But it needn't be that tough --- for help, follow our ten-minute guide to get you started on keeping your network safe.

The Internet can be a dangerous place, full of viruses, worms and hackers bent on doing harm to your network. "Security first" has become a kind of mantra for IT professionals and CIOs, while regulations like Sarbanes-Oxley have made network protection as much a question of legal responsibility as good business sense.

But between upgrading the local area network (LAN) to Gigabit Ethernet, deploying voice over IP (VoIP), putting out network fires and making sure everything runs smoothly, many IT managers are already stretched to the limit. Security can be a complex, expensive and time-consuming business.

Nevertheless, every great journey begins with a single step, and even if you only have ten minutes to devote to the project, you can still use that time to get the security ball rolling. "I think the key is not to think about securing your network in ten minutes," says Jason Hilling, Director of Managed Security Services Product Management at Internet Security Systems, "but to get the whole process started in those ten minutes."

So if you've got free ten minutes, here's what to do --- follow our ten-minute guide to network security.

Evaluate your security policy: Every organization needs some kind of security policy, but it is often surprising how many do not. The problem, of course, is that network security is often perceived as a technological problem that you can throw money and gadgets at to make better. If things were that simple, then worms and hackers would be a thing of the past.

"Every organization needs a policy to ensure that processes and procedures are in place to ensure security," Hilling says. "What are the acceptable use criteria? How are your systems built and have to ensured that there are no extraneous devices in the network or applications on networked devices? What are the acceptable communications applications? These are all things that you can deal with."

Hilling concedes that it takes time to develop a security policy and that no one can get the job done in ten minutes over coffee. But like all processes, this one can get underway quickly, with the decision to start and the selection of a manager who'll be responsible to plan and implement the policy.

Vulnerability Management: "One of the most important things you can do when you have limited time is to find out where you are vulnerable," Hilling says. "To a certain extent, everything follows from this."

As with the creation of a security policy, an audit of an organization's vulnerabilities can be a very daunting and complex process. "But the process has to be done," Hilling says. "Most security problems aren't related to the wily, determined hacker who uses his cunning to get into your network, they're more likely related to worms and denial of service (DoS) attacks."

Worms and DoS attacks exploit known network vulnerabilities. Consequently, the best way to defend against them is to find the flaws before the attackers do. It will take time to sift through every switch, router and server on your network, of course, but Hilling is quick to point out that it takes virtually no time at all to start the process and delegate someone to see it through.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Slideshows
Blockchain Gets Real Across Industries
Lisa Morgan, Freelance Writer,  7/22/2021
Commentary
Seeking a Competitive Edge vs. Chasing Savings in the Cloud
Joao-Pierre S. Ruth, Senior Writer,  7/19/2021
News
How CIO Roles Will Change: The Future of Work
Jessica Davis, Senior Editor, Enterprise Apps,  7/1/2021
White Papers
Register for InformationWeek Newsletters
2021 State of ITOps and SecOps Report
2021 State of ITOps and SecOps Report
This new report from InformationWeek explores what we've learned over the past year, critical trends around ITOps and SecOps, and where leaders are focusing their time and efforts to support a growing digital economy. Download it today!
Video
Current Issue
Monitoring Critical Cloud Workloads Report
In this report, our experts will discuss how to advance your ability to monitor critical workloads as they move about the various cloud platforms in your company.
Slideshows
Flash Poll