Tip

Procedures in preventing threats to information security

Procedures in preventing threats to information security
Adesh Rampat

Many organizations have employed a number of security measures to protect its information from getting to its competitors or other source that would illegally misuse its information. The following deals with areas that when implemented can assist in preventing threats to information security:

  • If you have multiple operating systems in the environment such as UNIX, Windows NT/2000 and Netware, then you should also have a group of personnel who specialize in these areas performing release updates, monitoring log files, conducting regular checks in the firewall audit logs and so on. Performing these regular updates and monitoring will make it more difficult for a security threat to occur.

  • It is a good idea to have a switched network. Besides enhancing performance, switches provide the capability to set up the network traffic so that in the event of a suspected attack the entire network may not be affected. If you think you have been attacked, then after you isolate the network look for any unauthorized login attempts; one area to check first will be the audit log files.

  • Ensure that backups are current and that backup routines are properly followed. By practicing regular restore operations you can discover any corrupt data written during backup. This makes it a lot easier to restore in the event of an attack or equipment failure, because you

    Requires Free Membership to View

  • know that the data being restored does not lack integrity.

  • Backup equipment should be readily available for major devices such as routers and hubs in the event of a failure of these devices. Don't depend on third-party vendors for the supply of backup equipment.

  • Always update your network documentation and procedures whenever you make changes to the network. This sounds obvious, but . . .

  • Have competent personnel capable of providing backup support in instances where response team members are unavailable.

  • Having backups stored in a secured offsite location is one way to ensure that the data is safe. Test the quick availability of this backups periodically.


Adesh Rampat has ten years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute For Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.

Did you like this tip? If so, (or if not) why not let us know. Send an e-mail to us and sound off. Or visit our tips page to rate this tip, or submit one of your own.

Related Book

Information Security Management Handbook, Fourth Edition, Volume Two
Author : Harold F. Tipton
Publisher : CRC Press
ISBN/CODE : 0849308003
Cover Type : Hard Cover
Pages : 640
Published : Oct 2000
Summary :
The runaway growth of computer viruses and worms and the ongoing nuisance posed by malicious hackers and employees who exploit the security vulnerabilities of open network protocols make the tightness of an organization's security system an issue of prime importance. And information systems technology is advancing at a frenetic pace. Against this background, the challenges facing information security professionals are increasing rapidly. Information Security Management Handbook, Fourth Edition, Volume 2 is an essential reference for anyone involved in the security of information systems.


This was first published in March 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.