How to secure your company

Monday, 30 June 2003, 10:23 AM EST

There's no one thing a company can do to be secure. First, every company is unique; what works well for one might not work for another. Second, there's no such thing as 100% security; companies can do things to reduce and manage risk, but they can never eliminate it. Third, companies are constantly changing; just because a company is secure today doesn't mean it will be secure tomorrow.

It's also true that a company can do many things to not be secure. For example, most companies are very good at not implementing proper security. But instead of telling you the wrong ways things can be done, I'm going to focus on some general principles, which, if religiously followed, will enable most companies to attain a reasonable level of security.

Let's examine the following four core principles and see how they can be applied:

- Know thy system
- Principle of least privilege
- Defense in depth
- Prevention is ideal, but detection is a must

[ Read more ]




Spotlight

What can we learn from the top 10 biggest data breaches?

Posted on 21 August 2014.  |  Here's a list of the top 10 biggest data breaches of the last five years. It identifies the cause of each breach as well as the resulting financial and reputation damage suffered by each company.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //