Centralizing the Management of Network Security
by By Thom Bailey and Oliver Norkauer - Symantec - Monday, 17 May 2004.
Shortly after an automobile is purchased, laws dictate that insurance measures be taken to secure it. Driving a new car without automobile insurance or regular safety inspections is not only illegal, but poses serious risks to the vehicle and its occupants. While not illegal, when PCs or servers are purchased and deployed across an organization without any type of insurance, serious risks are posed to both users and the organization. The best kind of insurance an organization can provide for its network is in the form of security policies and technology. Both should be an intrinsic part of the organization’s infrastructure from "cradle to grave."

Few would argue against the necessity and value of security for a network. Yet for organizations purchasing PCs or servers regularly and deploying them across geographically disparate locations, the implementation of security measures can be a long, tedious task requiring extensive man-hours. And the more locations an organization has, the more likely there are inconsistencies between those locations.

Two extreme scenarios exist for handling security when dealing with geographically disparate organizations:

In the first scenario, local IT staff is employed at the individual remote locations. In this case, organizations have to deal with cultural differences, varying skill levels and capabilities and language barriers that pose potential misunderstandings.

In the second scenario, there is no local IT staff at the remote locations. In this case, the centralized IT administration has a lot to do to keep all the remote sites up and running. As IT departments are usually overloaded, issues arising at headquarters tend to take priority, and the remote locations often become an ‘afterthought.’ IT support suffers – and consequently, IT security suffers.

The reality for most organizations is somewhere between these two extremes. They all share, however, the need for a consistent and centrally controlled security system across the company.

Implementing an effective and centralized “cradle to grave” security policy includes a three phased plan for centralized control and decentralized execution:

Initial Rollout: Deploying operating systems and applications (including security solutions, such as virus protection), re-provisioning systems (i.e. using the same PC for a different purpose). By making security an integral part of the deployment process, you will have secure systems from the start. Adding security to systems management later is like purchasing auto insurance after your first car accident.

Ongoing Security Maintenance: Updating machines with security patches on a continuous basis. If security is already tied in with systems management, this is an easy and integrated process. Not keeping your systems updated would be akin to thinking that because your car passed its safety inspection two years ago, you will never experience car problems again.

Displacement: Permanently erasing all data from the hard drive, so the machine can leave company premises without any 3rd party being able to extract confidential data from it.

At What Size Should Our Organization Move to Centralized Management?

To answer one question with another, at what point does it make sense to lock your car? Taking a systems management approach to security should not be dependent upon the size or geographical layout of a company. Regardless of these factors, an organization must be able to centrally control security to protect company assets across all locations. Doing so allows the IT administrator to evaluate and optimize the security level on every desktop, laptop or server from a single console, regardless of where the machine is located. The IT administrator can also distribute security updates or patches without needing to rely on an end-user’s actions. It is a matter of control and who has it.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Mon, Feb 8th