Security response in a midsize office

Thursday, 19 December 2002, 2:11 PM EST

Small and medium-size businesses probably have no dedicated security staff. Their attitude toward security is to try to stay out of trouble. In this sense, small and midsize companies handle security the way people handle the security of their home office systems -- but with important differences that I'll outline below. These businesses often have employees who would astonish security professionals with questions such as, "Why would somebody want to hack us? We have nothing that would interest hackers." Today, most IT professionals understand that server disk storage, CPU cycles and high-speed network connections have a lot of value for malicious hackers and alleged cyberterrorists.

Even though they're small, these businesses are more regulated and have more administrative requirements than a private citizen in a home office. These requirements might include responsibilities to shareholders, fear of litigation for breach of contract, professional liability and many others. Thus, the level of security and accountability would need to be higher than in a home office. Most organizations connected to the Internet now have at least one firewall and some sort of DMZ setup for public servers (Web, e-mail, FTP, remote access). Many are deploying intrusion-detection systems (IDS) and virtual private networks (VPN). All these technologies raise new concerns about what to do with signals coming from them, since companies rarely hire new security staff just to handle those signals.

[ Read more ]




Spotlight

eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //