|
|
|
MANAGING RISK
While
people would like to be told that their network is totally secure
from potential security breaches, it would be entirely deceitful
to claim that this is the case. As with many human activities, risk
can be managed, but not eliminated. Given that security systems
are designed to protect against criminal behaviour, and that the
systems in use by all parties concerned are evolving, it is prudent
to implement a policy that requires a regular review of your security
systems.
Protronics will provide you with candid advice about the security
of remote office systems that you implement. The following are among
the steps that you should consider in managing the risk:
|
| • |
There
are a variety of tools that will help validate the configuration of
perimeter firewalls. These should be run periodically. |
| • |
You
should have a procedure in place that ensures that any applicable
security patches are applied to your systems.
|
| • |
You
should have appropriate security policies, and you should educate
remote users about the risks. However good your technical systems,
they can be compromised by a laptop left in the back of a car with
passwords written on post-it notes. |
| • |
If
security is a major concern for your organisation, you should consider
having an independent security audit by a specialist security company.
|
|
If
there is currently no remote access to your network, introducing
it is likely to increase the security risk - it would be dishonest
to claim otherwise. However, it is not uncommon for the introduction
of remote access to prompt a security review, with the very likely
consequence that there will be a significant reduction in the vulnerability
of your network as a result.
|
|
|
