Shortly after an automobile is purchased, laws dictate that insurance measures be taken to secure it. Driving a new car without automobile insurance or regular safety inspections is not only illegal, but poses serious risks to the vehicle and its occupants. While not illegal, when PCs or servers are purchased and deployed across an organization without any type of insurance, serious risks are posed to both users and the organization. The best kind of insurance an organization can provide for its network is in the form of security policies and technology. Both should be an intrinsic part of the organization’s infrastructure from "cradle to grave."

Few would argue against the necessity and value of security for a network. Yet for organizations purchasing PCs or servers regularly and deploying them across geographically disparate locations, the implementation of security measures can be a long, tedious task requiring extensive man-hours. And the more locations an organization has, the more likely there are inconsistencies between those locations.

Two extreme scenarios exist for handling security when dealing with geographically disparate organizations:

In the first scenario, local IT staff is employed at the individual remote locations. In this case, organizations have to deal with cultural differences, varying skill levels and capabilities and language barriers that pose potential misunderstandings.

In the second scenario, there is no local IT staff at the remote locations. In this case, the centralized IT administration has a lot to do to keep all the remote sites up and running. As IT departments are usually overloaded, issues arising at headquarters tend to take priority, and the remote locations often become an ‘afterthought.’ IT support suffers – and consequently, IT security suffers.


The reality for most organizations is somewhere between these two extremes. They all share, however, the need for a consistent and centrally controlled security system across the company.

Implementing an effective and centralized “cradle to grave” security policy includes a three phased plan for centralized control and decentralized execution:

Initial Rollout: Deploying operating systems and applications (including security solutions, such as virus protection), re-provisioning systems (i.e. using the same PC for a different purpose). By making security an integral part of the deployment process, you will have secure systems from the start. Adding security to systems management later is like purchasing auto insurance after your first car accident.

Ongoing Security Maintenance: Updating machines with security patches on a continuous basis. If security is already tied in with systems management, this is an easy and integrated process. Not keeping your systems updated would be akin to thinking that because your car passed its safety inspection two years ago, you will never experience car problems again.