We want to increase the security inside our network. We use firewalls and IDS but I am afraid they don't solve all the problems. I am not a 'techy,' I am in management. My boss has told me I need to take 'ownership' of our e-security. How can I be sure if an internal/external hacker breaches our perimeter security, that we won't lose everything? Does any technology exist to protect against this? From everything I read, intrusions are still taking place inspite of firewalls. Any insight you can give me would be helpful.
You should have a disaster recovery plan for your network. This should include physical disasters, but should also include security disasters. There should be an incident response plan in place so that if such a disaster should take place, the staff will know what to do.
The best time to plan for a disaster is before it happens.
This was first published in October 2001