Information Technology Reference
In-Depth Information
security risks. All operating systems and applications should be hardened with the
guidance of accepted step-by-step checklists.
4.6
Managing the network
Management of assets at networks in the information age is very important for the sake
of security of information. Without management of networks, it will be a burdensome
task to control information. This management includes patch management, configuration
management, remote management, asset management and security management.
4.7
Establishing the PKI
Public key infrastructure is an important countermeasure that provides an
infrastructure to certain security services. Four security mechanisms are ensured by using
PKI. These are confidentiality, integrity, authentication and non-repudiation. All these
services are important for the protection of information.
By considering all these countermeasures during possible design processes, protection
needs of information can be satisfied.
In the 1970's and up to the early 1980's, the computer processing department was an
important but completely independent entity in an organization. Few of the other
organizational departments depended directly on the activities of the computer
processing department. So, any failure in computer operations had little effect on the
organization. This era was a computer-centric era.
After the early 1980's until the early 1990's, organizations became more dependent on
information technologies. During these years, computer processing departments turned
into IT departments. Contrary to computer processing departments, IT departments
performed multi-tasking, real-time and distributed processing. This era was the
information technology-centric era.
From the early 1990's until today, we entered another era, namely the information-
centric era. We live more and more information-dependent day by day. In this era,
effective utilization of information is the most vital task. Having the right information at
the right time can make the difference between profit and loss, success and failure in
today's business environment.
Availability of information is a daunting task to perform. Availability is always
inversely proportional to security. Availability is an important information security
mechanism along with confidentiality and integrity and it is imperative to supply it. So,
availability of information should always be in mind at the design phase of networks and
information systems and while proposing the listed countermeasures such as crypto
devices, firewalls, etc.
In the information age, both security and availability of information have become vital
for organizations. These two important and opposite concepts should be profoundly
considered during the design process.
With these goals in mind, the next step in the roadmap of securing networks will be to
operate secure networks.
Search WWH ::




Custom Search