How to secure your company

Monday, 30 June 2003, 10:23 AM EST

There's no one thing a company can do to be secure. First, every company is unique; what works well for one might not work for another. Second, there's no such thing as 100% security; companies can do things to reduce and manage risk, but they can never eliminate it. Third, companies are constantly changing; just because a company is secure today doesn't mean it will be secure tomorrow.

It's also true that a company can do many things to not be secure. For example, most companies are very good at not implementing proper security. But instead of telling you the wrong ways things can be done, I'm going to focus on some general principles, which, if religiously followed, will enable most companies to attain a reasonable level of security.

Let's examine the following four core principles and see how they can be applied:

- Know thy system
- Principle of least privilege
- Defense in depth
- Prevention is ideal, but detection is a must

[ Read more ]




Spotlight

The security threat of unsanctioned file sharing

Posted on 31 October 2014.  |  Organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees, and employees routinely breach IT policies.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //