Home > Articles > Security > Network Security

  • Print
  • + Share This
This chapter is from the book

Managing the Availability and Integrity of Operations

Maintaining availability and ensuring integrity of both physical and logical equipment are the bedrocks of operation management. Its goal is to protect the organization from interruption to its regular business activities and to minimize risk of system failure.

Safeguarding information requires that measures be in place before users begin to interact with one another or the Internet. For example, an organization could only ensure the integrity of its database if its appointed agents, typically in-house IT staff, were the sole persons responsible for loading software and performing maintenance on the system. Individual users would not be allowed to download or install software on their workstations, laptops, or local networks. IT would assume that responsibility, along with the task of deploying appropriate antivirus software throughout the network and its appliances.

IT staff would also ensure that discarded hard drives, prior to being recycled or trashed, get sanitized, a process that overwrites each block of a disk drive and fills it with 0s.

Safely managing the vast amount of information organizations typically generate requires that a consistent set of practices be instituted to ensure the following items:

  • Systems are backed up regularly, preferably daily.

  • Backed-up data is stored off-site, possibly using service providers who specialize in collecting and storing tapes and CDs. Whether in-house or third-party, storage facilities should be located in geographically secure areas.

  • Thorough logs are maintained, enabling audit trails to be followed should an attack ever occur and forensic analysis required.

Managing security operations should include a systematic process of checks and balances, which can reduce the probability of unauthorized modification or misuse of equipment. Policies should ensure that no individual could perform all the following functions:

  • Request a service

  • Approve the required funds for the service

  • Interview all vendors, contractors, or product providers

  • Place the purchase order for the service or product

  • Approve and make payment to the vendor

  • Reorder the service

A chain of responsibility ensures that multiple individuals must give their consent before plans are put in motion. While it has the potential to become overly bureaucratic, the end justifies the means—checks and balances are the keystone of efficient operations, security or otherwise.

  • + Share This
  • 🔖 Save To Your Account