Information Technology Reference
In-Depth Information
measures such as monthly IT newsletters are an excellent way to present
the “why” of a security measure prior to its “what” and “how” implemen-
tation. Users are far more likely to avoid bypassing security measures if
they understand the purpose and function of each such measure.
Standardize and Simplify
Standards and policies must apply uniformly across the enterprise, to avoid
an “open window” in one area that will weaken the security stance else-
where. As with the selection of technology and software standards, care
should be taken to reduce complexity in security policies, technologies,
and configuration settings across the enterprise. This aids in identifica-
tion of threats, application of updates, and technical support capability.
Common Enterprise Threats
Uncertainty (risk) is a constant presence in the enterprise, in that directed
or automated attacks may be launched from anywhere in the world or
inadvertent configuration changes may compromise data availability or
access controls. Power outages, storms and earthquakes, acts of terror-
ism or warfare, and industrial espionage are all potential threats to the
enterprise that must be addressed by security and recovery practices. We
will examine disaster recovery and business continuity strategies at greater
length in the next chapter.
Load Only in the Nursery
Malware
is a generic term encompassing directly threatening software
agents such as viruses and worms, as well as security-weakening agents
such as Trojan horses, service proxy redirectors, and spyware such as key-
board loggers. A centrally managed malware-defense system is one of the
most fundamental “must have” security technologies. The time between
an unprotected system's connection to the Internet and its compromise by
one of the more than 1 million identified types of malware is measured
in minutes or less.
Care should be taken to ensure that new systems are loaded, fully
updated, and provided an updated malware defense before exposure even
