SECURITY MANAGEMENT
To protect an organisation's IT infrastructure
and information, security management procedures should adopted. At a
minimum an organisation should adopt he recommendations below.
 Firewall
Use a firewall. A firewall acts as a barrier between
the public internet and the organisations network. It helps to protect
the servers and PC's on the network from hackers and viruses.
Anti-Virus Software
Install up-to-date anti-virus software on all servers
and PC's on the network and all mobile devices such as laptops, tablets
and smart phones. Anti-virus software is one of the main defences
against online problems. It continually scans for viruses, including
Trojans and worms.
Security Patches
Install the latest security patches for the
applications and operating systems utilised by the organisation.
As new threats emerge, regularly download the available security updates
to ensure maximum protection.
Spyware
Implement measures and install software to stop
spyware. Spyware is a threat to privacy and the information it can
harvest from a computer can lead to financial fraud.
Business Continuity
Implement a disaster recovery plan to ensure that your
organisation can recover from a business continuity event such as fire
or floods. As part of this ensure that regular backups are made of
organisation critical information. Backups are the last line of defence
against hardware failure, or the damage caused by a security breach, or
accidental deletion of data.
Wireless Networks
Wireless networks should be implemented in a secure
fashion. Without suitable protection, such as a firewall and encryption,
Wi-Fi (wireless) networks are vulnerable to eavesdropping, hackers and
freeloaders.
Spam Email
Implement measures to stop spam email. It is extremely
inefficient tfor an organisation's staff to have to spend time dealing
with unwanted spam email. Spam email clogs up inboxes and may
contain viruses and spyware.
Internet
Browsing the internet can be dangerous. Malicious
websites contain viruses and spyware and criminals create fake sites to
steal personal information. Many websites also contain content that it
would be inappropriate for an organisation's staff to come in to contact
with. Organisations implement systems to protext themselves from these
dangers.
|
