:Network Computing: Best Practices in Network Security
Network Computing: Best Practices in Network Security Mar 18, 2000, 15 :26 UTC (0 Talkback[s]) (4494 reads) (Other stories by Frederick M. Avolio)
"Information systems security. Computer and network security. Internet security. It's a complex world, and growing
more so every day. With these changes, some truths and approaches to security remain the same, while others are
new and radically different. Developing a sound security strategy involves keeping one eye on the reality of
Internet-speed changes in threats and technology, and the other on the reality of the corporate environment.
Purchasing security devices is easy. Knowing how and what to protect and what controls to put in place is a bit more
difficult. It takes security management, including planning, policy development and the design of procedures...."
"Between the vastness of this space and the services available, there are countless potential avenues of attack.
Attackers don't even have to be particularly smart, skilled or patient to develop an attack. Through the ease of "user
friendly" software, and with the ubiquity of methods for simple file distribution, anyone with a computer is a potential
at- tacker. No special skills are required. Launching attacks is within the reach of anyone with a mouse...."
"Security is an investment, not an expense. The challenge is to get this point across to upper management.
Investing in computer and network security measures that meet changing business requirements and risks makes it
possible to satisfy changing business requirements without hurting the business' viability. Properly secured servers let
corporate information be shared with salespeople in the field and with business partners. Improperly configured systems
lead to data loss or worse."
