ICT security threats are nothing new, and most businesses are well aware of the need to protect their networks and data from the myriad of malicious tools out there, from spyware to spam to viruses and hackers, writes Fred Mitchell, Symantec business unit manager at Drive Control Corporation.
These threats, while they have been around for many years, are constantly evolving, and could bring an organisation to its knees by compromising the integrity of the network and the data it contains. Because the nature of threats to ICT security are constantly changing, it is imperative that organisations adopt an holistic approach that encompasses security right from the core to the perimeter of the network, ensuring full protection throughout.
However, no matter how comprehensive a security strategy is, without proper maintenance, continuous updating and up to date licenses, it will fail to protect networks adequately. Often, businesses are lulled into a false sense of security with their systems, as while they are updated and licenses are in place they remain unaffected by threats. But if these licenses are not properly monitored, they expire, and because there have been no security breaches businesses become complacent about security.
The problem lies once again in the need to constantly adapt security to changing threats. Without a valid license, most software will no longer allow access to updated definitions. And software is only as effective as
its latest update. So an expired license leaves an organisation wide open within a few days of validity lapsing, making networks vulnerable to a range of viruses and spyware that could seriously compromise the business.
Adequately addressing the security needs of any organisation requires proper analysis of where gaps exist, and a strategy to help tackle these gaps. In order to do this, an all encompassing, holistic approach to the security needs of the business needs to be taken, depending on the size, number of employees, and specific requirements of the enterprise.
One of the major holes in many network security strategies is mobile security. With the growing number of mobile workers in all industries, this is now a vital component to address. Laptops, PDAs and smartphones need to be taken into account when looking at security, as these could cause breaches and leave businesses vulnerable.
Identifying weaknesses in the network enables organisations to understand their vulnerabilities and address them with solutions that will help to fill in the gaps and move towards a holistic security system that covers the entire network.
It is also important to have a roadmap in place for the implementation of security, as it is not possible to tackle every angle all at once. This roadmap will provide a framework for building up and maintaining security, which will help to keep the organisation on track and ensure that gaps are addressed and that licenses do not lapse.
Keeping abreast of the latest trends in security and having a working knowledge of the threats that exist is also a vital component of ensuring. As the old adage goes, knowledge is power. And by having information about security trends and threats available, it will only empower the business to be able to better address all security needs.