Business Security Information

When I first began my career in security, perimeter protection was the hot topic.  Physical security usually involved security fencing, razor wire, alarm sensors and, depending on what you were protecting, maybe even mobile patrols.  For computer security, this involved protecting the main entry point to your network with firewalls, intrusion detection and other software or hardware devices.  Today, with so many different entry points as well as interconnected networks, there is no set perimeter to protect.  There are exceptions to this, but think about VPN connections, extranet connections, supplier networks and others that you connect with or you allow to connect to your network.  Some networks have a variety of third party vendors providing or maintaining portions of the business network. Depending on the security setup of other networks that connect to you, your perimeter may include other entry points you really don’t know about or have control of.

So, how do you protect your company’s and customers’ data.  The most important point before making that decision is that you must know where your information is located.  Basically, there are two main methods to make that determination. The first involves using software tools that basically track down different types of data on your network and then you must sift through the collected information to determine what is important and must be protected.  This is the best way to discover where your data is located, but even with using open source tools, this may cost more than you can invest at this time.

The second method is to focus your protection on areas of your network that will most likely house your business information.  Some of those areas will include:

• Workstations or company PC’s.  Usually the computers your employees use contain more information than you think.  I know mine contains a variety of customer and business information.
• Servers, including Application, Database and Internet Servers.  Database servers usually contain the most critical and vital information.  Protecting database servers is vital for most businesses.  Internet servers can include e-mail, web, web application and DNS servers.  Most businesses are surprised to find the amount of information they really have on their network.

Security methods that can be used to protect these network points is varied and constantly improving so touching on specific protection methods is beyond the scope of this article.  Most importantly, you must:

1. Know what information you have.
2. Know what information needs protected.
3. Know where the information is located.
4. Find methods to protect the information.

Remember, when protecting information, it is important to protect the information while it is being stored but also when it is in transit across the network.  Too many times we just concentrate our security on those points where data is stored and forget that it can also be obtained or gathered when traveling across a network.  Protection methods must focus on inside as well as outside threats to your business.

Related posts:

1. Perimeter Security Details
2. Unified Threat Management–Do I Need It?
3. Do You Know What Sensitive Information is on Your Computers?