How to secure your company

Monday, 30 June 2003, 10:23 AM EST

There's no one thing a company can do to be secure. First, every company is unique; what works well for one might not work for another. Second, there's no such thing as 100% security; companies can do things to reduce and manage risk, but they can never eliminate it. Third, companies are constantly changing; just because a company is secure today doesn't mean it will be secure tomorrow.

It's also true that a company can do many things to not be secure. For example, most companies are very good at not implementing proper security. But instead of telling you the wrong ways things can be done, I'm going to focus on some general principles, which, if religiously followed, will enable most companies to attain a reasonable level of security.

Let's examine the following four core principles and see how they can be applied:

- Know thy system
- Principle of least privilege
- Defense in depth
- Prevention is ideal, but detection is a must

[ Read more ]




Spotlight

Best practices for ensuring compliance in the age of cloud computing

Here are the major considerations organizations should incorporate into their compliance programs, as well as pitfalls that can be avoided to ensure businesses stay compliant while using cloud computing.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Thu, Sep 3rd
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //