The management of network security calls for the understanding of threats and choosing what risks are acceptable; varied levels of security are acceptable. A company has to stay up to date on the emerging threats and ways to protect themselves from them. Focus is accorded to the main vulnerabilities that one is able to handle using the available resources. This is the main focus of this paper as well as the appropriate ways on how to manage them with regard to a middle sized company
Explain to your CIO what you can do to make sure the network infrastructure is more secure
Connecting to a network involves sharing delicate and large sized information with varied people bringing about the susceptibility to hacking. Every company is responsible for ensuring safety of its network. Network security is acquired if the information stored is safeguarded from unauthorized access or manipulation.
It is quite important to safeguard the network structure for the company from intrusion. As Information Security Officer at the middle-sized company the first that I will handle involves the several threats that computer networks are vulnerable to, that are in most cases performed by perpetrators that try to access the servers of Windows and Linux to solve the vulnerabilities (Tech soup for libraries, n.d). With this basis, the CIO ought to be thorough to strengthen that thread which may be applied to help hackers and their codes. The uses of these codes that are really viruses, worms are great concern to the safety of private data. These data contain sensitive information about the company or individuals; identity, credit and asset which are well collected and compiled. The perpetrators clone this information for their bad intentions. This theft of identity is not only noticed in software and data, it similarly affects computer effectiveness; speed and make the computer crash. The CIO, ought to have a compendium of means through which he will safeguard his network and a fast decision reach in a shortest time.
Moreover, generally, security is termed to be the act of creation protection from loss or threat, these calls for an extensive protection strategy. With regard to resources available to the company, the strategy will call for the five props to IT security process: policy and audit organization, access control, structure and hardware safeguarding and fault response mechanism (SANS Institute, 2001). In this middle-sized company ought to apply these functions in a limited platform of action taking to fact its limited budget, facilities and limited management staff that are engaged in varied duties. In a more precise role, the defense of the windows and Unix/Linux server will involve looking at their weak points and points of vulnerabilities. First of all the protection starts with the installation of the third party Active Directory management program which are useful in the integration of Linux, UNIX vital in offering the IT department an extensive Windows Group Policy services to the Linux servers. A well made framework and integration of these elements may bring about better management of the network. In this case the CIO will be able to apply this to his favor on a contingency basis to manage security. Moreover, the third party security advisers are beneficial in that it depends in their support to keep and uphold the updates and go on with development in security.
Finally, the CIO ought to be conversant, make sure that the network model is safe, regular checkups on policies, processes integrated with a dynamic and extensive comprehension that the threads are transforming constantly in relation to technology (Pardoe and Snyder, 2005). The acquisition of the source of the third party, and the operations done at a limited budget, needs innovation by the CIO on modes of how to manage resources. These resources ought to be managed in a way that would acquire protection from network hackers and other perpetrators. This would be an efficient and capable way to safeguard the role of surviving by this middle sized company.
Network security calls for everybody to play a role in the safeguarding vital documents. The middle-sized company will use its limited resources so as ensure security of its structure. No network model is 100 percent secure, hence this calls for the protection of major threats.
Pardoe, T. D. and Snyder, G., (2005). Network Security. New York: Cengage Learning. SANS Institute (2001).Security Policy: What it is and Why – The Basics. SANS Institute InfoSec Reading Room. Retrieved from: http://www.sans.org/reading_room/whitepapers/policyissues/security-policy-basics_488 Tech soup for libraries (n.d). Networking and Security. Retrieved from: http://www.techsoupforlibraries.org/book/export/html/592