At What Size Should Our Organization Move to Centralized Management?
To answer one question with another, at what point does it make sense to lock your car? Taking a systems management approach to security should not be dependent upon the size or geographical layout of a company. Regardless of these factors, an organization must be able to centrally control security to protect company assets across all locations. Doing so allows the IT administrator to evaluate and optimize the security level on every desktop, laptop or server from a single console, regardless of where the machine is located. The IT administrator can also distribute security updates or patches without needing to rely on an end-user’s actions. It is a matter of control and who has it.
A good systems management tool can configure the security for PCs or servers on an individual or group basis. There can be a general security baseline for one group of users, while having distinct and higher security baselines for others within the organization.
There has been a lot of buzz in recent months around patch management. The ability to centrally manage and deploy patches across a network ensures that network security stays up-to-date. Asking individual employees to be responsible for their own PCs introduces a much greater chance of human error. Since systems management is not the employee’s primary job responsibility, the application of critical patches is easily postponed, often neglected, entirely forgotten or performed incorrectly.
Worms like Slammer are unkind teachers to those who have not applied appropriate security updates or downloaded the latest virus definitions. Slammer successfully made its way through many businesses exploiting an unpatched vulnerability in the businesses’ MS-SQL systems bringing collective corporate networks to their knees.
A good systems management tool will allow the central administration of the software patches to prevent unnecessary exploitation of software holes. There are three very basic steps to patch management – assess the vulnerabilities and identify patches, then test the patches and finally deploy them.
Evaluating the Costs of Manual Security Management
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.