14-07-2012, 04:03 PM
Network Security
Network_Security.pdf (Size: 4.64 MB / Downloads: 148)
Why Is Computer and Network Security Important?
It may seem absurd to ask the question. "Why is computer and network security important?"
but it is crucial for organizations to define why they want to achieve computer security to
determine how they will achieve it. It is also a useful tool to employ when seeking senior
management's authorization for security-related expenditures. Computer and network security
is important for the following reasons.
• To protect company assets: One of the primary goals of computer and network
security is the protection of company assets. By "assets," I do not mean the hardware
and software that constitute the company's computers and networks. The assets are
comprised of the "information" that is housed on a company's computers and
networks. Information is a vital organizational asset. Network and computer security is
concerned, above all else, with the protection, integrity, and availability of
information. Information can be defined as data that is organized and accessible in a
coherent and meaningful manner.
Prevention
The foundation of the security trinity is prevention. To provide some level of security, it is
necessary to implement measures to prevent the exploitation of vulnerabilities. In developing
network security schemes, organizations should emphasize preventative measures over
detection and response: It is easier, more efficient, and much more cost-effective to prevent a
security breach than to detect or respond to one. Remember that it is impossible to devise a
security scheme that will prevent all vulnerabilities from being exploited, but companies
should ensure that their preventative measures are strong enough to discourage potential
criminals-so they go to an easier target.
Detection
Once preventative measures are implemented, procedures need to be put in place to detect
potential problems or security breaches, in the event preventative measures fail. As later
chapters show, it is very important that problems be detected immediately. The sooner a
problem is detected the easier it is to correct and cleanup.
Response
Organizations need to develop a plan that identifies the appropriate response to a security
breach. The plan should be in writing and should identify who is responsible for what actions
and the varying responses and levels of escalation.
Before beginning a meaningful discussion on computer and network security, we need to
define what it entails. First, network security is not a technical problem; it is a business and
people problem. The technology is the easy part. The difficult part is developing a security
plan that fits the organization's business operation and getting people to comply with the plan.
Next, companies need to answer some fundamental questions, including the following.
Network_Security.pdf (Size: 4.64 MB / Downloads: 148)
Why Is Computer and Network Security Important?
It may seem absurd to ask the question. "Why is computer and network security important?"
but it is crucial for organizations to define why they want to achieve computer security to
determine how they will achieve it. It is also a useful tool to employ when seeking senior
management's authorization for security-related expenditures. Computer and network security
is important for the following reasons.
• To protect company assets: One of the primary goals of computer and network
security is the protection of company assets. By "assets," I do not mean the hardware
and software that constitute the company's computers and networks. The assets are
comprised of the "information" that is housed on a company's computers and
networks. Information is a vital organizational asset. Network and computer security is
concerned, above all else, with the protection, integrity, and availability of
information. Information can be defined as data that is organized and accessible in a
coherent and meaningful manner.
Prevention
The foundation of the security trinity is prevention. To provide some level of security, it is
necessary to implement measures to prevent the exploitation of vulnerabilities. In developing
network security schemes, organizations should emphasize preventative measures over
detection and response: It is easier, more efficient, and much more cost-effective to prevent a
security breach than to detect or respond to one. Remember that it is impossible to devise a
security scheme that will prevent all vulnerabilities from being exploited, but companies
should ensure that their preventative measures are strong enough to discourage potential
criminals-so they go to an easier target.
Detection
Once preventative measures are implemented, procedures need to be put in place to detect
potential problems or security breaches, in the event preventative measures fail. As later
chapters show, it is very important that problems be detected immediately. The sooner a
problem is detected the easier it is to correct and cleanup.
Response
Organizations need to develop a plan that identifies the appropriate response to a security
breach. The plan should be in writing and should identify who is responsible for what actions
and the varying responses and levels of escalation.
Before beginning a meaningful discussion on computer and network security, we need to
define what it entails. First, network security is not a technical problem; it is a business and
people problem. The technology is the easy part. The difficult part is developing a security
plan that fits the organization's business operation and getting people to comply with the plan.
Next, companies need to answer some fundamental questions, including the following.