PROFESSIONAL WEBSITE DESIGN AND DEVELOPMENT SINCE 1994
Below are the subjects for your comprehensive evaluation of your company and training security.
What is computer security?
70% of all computer security related problems stem from human, rather than technical, factors. A small investment in worker education usually takes care of most of the human factors. The other 30% are the technical issues that involve setting up and monitoring the computer systems to insure that you know what is happening on your systems and can make informed decisions regarding any activity on your systems.
Your company policies and guidelines
What do you want in the area of computer security? Are your computers to be used for work-related activities only? Will computer game playing and browsing that isn't work-related be prohibited? What access, if any, will be allowed from non-company sites into your computer system?
As part of the worker education process, "horror stories" about the ways that intruders operate to reinforce your computer security policies.
Usernames and passwords for your company
Easily guessed usernames and weak passwords are an invitation to your system. There are simple ways that can be easily learned to eliminate the "need" for usernames and passwords to be written on sheets of paper and left for unauthorized users to take advantage of.
Data backup systems onsite and offsite
Part of keeping your business running is making sure your data is available when needed. Onsite backups speed the recovery process in the event of failures or intrusions. Offsite backups insure the integrity of your data in case of a natural or man-made disaster along with recovery from viruses, trojans, and other computer attacks.
The operating systems you use "should be" the ones you purchased. Verifying that the system programs haven't been tampered with is essential to maintaining control of your computer system. The programs that your company uses for it's daily business are also vulnerable and important to maintaining control of your system. Monitoring the status of these critical files is essential to keeping your system operating in your best interest.
Auditing and logging
When you have a record of activity on your system, you make better decisions regarding improvements, upgrades, policy changes, and legal actions. It's a sound business practice to decide in advance what level of record keeping is needed and put a system in place that will deliver the data when needed.
Viruses and trojans are programs that invade systems and do things that the owners of the systems don't intend. Preventing these threats is an ongoing activity that is needed to keep your assets under your control.
No system is secure if physical access isn't controlled. Part of computer security is determining the level of physical security that is consistent with your business needs and implementing the physical controls needed to support that decision.
A firewall is designed to control access to and from your computer system. It is here that many of your security policies are put into practice so your workers use your equipment the way you want them to and intruders are prevented from using your assets in ways that are inconsistent with your business plan.
Wrappers and proxies
Occasionally there are unplanned weaknesses in programs that are needed for your system to operate. When they are identified; these tools are used to further reduce the dangers of compromise by adding additional layers of protection.
Part of the "Auditing and Logging" and "Integrity Management" processes is knowledge of if a break-in has occurred. Quick notification leads to more effective containment of the intruder and will allow your business to continue with a minimum of disruption.
Having a legal strategy in place will shape the plans and procedures to be followed if an intrusion occurs. Considering the legal options need to be done "before" the security plan is written and put into place. This way, the plan is consistent with your business philosophy. Planning is essential for protecting your resources from unauthorized use.
Don't wait until it is too late and your data is lost, stolen or compromised. Start your security program today!
This page and any accompanying document(s) are confidential and privileged. They are intended for the sole use of Confluence Internet Services staff, clients and authorized individuals only. If you have found this site in error, you are advised that any disclosure, copying, distribution, or the taking of any action in reliance upon the site is strictly prohibited. Moreover, any such inadvertent disclosure is punishable by law. If you have received this address in error, please contact our IT Department at its Internet address (Ronald Hilbert), or by telephone at 541-672-2288. Thank you.
Receive a FREE web-site and SEO (Search Engine Optimization) analysis. This includes a review of hit reports (website statics), Meta tags and site navigation. Suggestions regarding internet marketing and strategic options are included as part of this report.
Confluence Internet Services Inc.
8301 N. Bank Road
Roseburg, OR 97470
phone & fax: (541) 672-2288
© Copyright Confluence Internet Services Inc. All Rights Reserved
home | keyword research | website design | free website analysis | online marketing | website re-design | web development | web design 4 rules | website navigation | marketing research | intranet development | extranet development | seo search engine optimization | seo myths | about us | email marketing | analytics | video production | podcasting