Security Management Strategies for the CIOAccess "Service-level agreement management: Defining security policy roles"
This article is part of the August 2004 issue of Weight lifter: Appliances that lighten your security load
ontractual stipulations and service-level agreements (SLAs) are nothing new to anyone who's contracted for goods or services. You specify how services are to be delivered, on what timetable and to what level. Anything that falls outside those terms is a breach of contract that could result in reduced payments, rebates or service cancellations. Enterprises employ security SLAs in their outsourced contracts, imposing such requirements for scanning service providers' networks for vulnerabilities, patching and change management expectations and checking periodically for quality control. Such SLA provisions make sense, if for nothing else than to ensure you're getting what you paid for. But what if you are the service provider and the customer is one of your own business units? The principles of an SLA can be just as effective internally as they are with external, contracted parties. Before you say corporate security policies already cover such matters, consider this: Does your security policy assign responsibility and expectations? Does your policy have ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Cut security costs with all-in-one appliances and firewall policies
by Lisa Phifer, Contributor
Turnkey, all-in-one appliances offer cost-effective security with less hassle.
-
Enhancing security risk management with cyberinsurance
by Lamont Wood, Contributing Writer
When all else fails, there's cyberinsurance. Learn how to enhance security risk management with cyberinsurance.
-
Cut security costs with all-in-one appliances and firewall policies
by Lisa Phifer, Contributor
-
-
Data security failure: How the government broke our trust
The government exposed thousands of Native Americans' financial data to hackers. Elouise Cobell forced the government off the Internet.
-
Service-level agreement advantages and disadvantages
by Anne Saita
Learn about the advantages and disadvantages of service-level agreements.
-
Data security failure: How the government broke our trust
-
Columns
-
Service-level agreement management: Defining security policy roles
Does your security plan include expectations or incentives for SLAs? Lawrence Walsh explains why setting standards for your enterprise is essential.
-
Be prepared: How to prevent and detect botnets
by Marcus J. Ranum, Contributor
Sooner or later, enterprises have to deal with a remote-controlled compromise. By treating botnets as a disaster preparedness problem, they'll be on the right track.
-
IE security risks: Making the switch to a more secure browser
by Jay Beale
Given the huge Web-based risk exposure with everyone running the same operating systems should enterprises look for an alternative to IE? Short answer: Absolutely.
-
Threat modeling follows attack tree as enterprise protection practice
by Pete Lindstrom, Contributor
Does your enterprise maximize its threat modeling potential? Expert Pete Lindstrom displays threat-modeling best practices and shows how it can help protect your enterprise.
-
Anticipating the worst: Security threat awareness and mitigation
Many IT managers have been lulled into a false sense of security because cyberattacks haven't happened yet. The coin-flip principle provides an all-too-real cyberspace context.
-
Service-level agreement management: Defining security policy roles
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...