Virus protection software is packaged with most
computers and can counter most virus threats if the
software is regularly updated and correctly maintained.
The anti-virus industry relies on a vast network of users to
provide early warnings of new viruses, so that antidotes
can be developed and distributed quickly. With thousands
of new viruses being generated every month, it is essential
that the virus database is kept up to date. The virus
database is the record held by the anti-virus package that
helps it to identify known viruses when they attempt to
strike. Reputable anti-virus software vendors will publish
the latest antidotes on their Web sites, and the software
can prompt users to periodically collect new data.
Network security policy should stipulate that all
computers on the network are kept up to date and, ideally,
are all protected by the same anti-virus package—if only
to keep maintenance and update costs to a minimum. It is
also essential to update the software itself on a regular
basis. Virus authors often make getting past the anti-virus
packages their first priority.
Security Policies
When setting up a network, whether it is a local area
network (LAN), virtual LAN (VLAN), or wide area
network (WAN), it is important to initially set the
fundamental security policies. Security policies are rules
that are electronically programmed and stored within
security equipment to control such areas as access
privileges. Of course, security policies are also written or
verbal regulations by which an organization operates. In
addition, companies must decide who is responsible for
enforcing and managing these policies and determine how
employees are informed of the rules and watch guards.
Security Policy, Device, and Multidevice Management
functions as a central security control room where security
personnel monitor building or campus security, initiate
patrols, and activate alarms.
What are the policies?
The policies that are implemented should control who
has access to which areas of the network and how
unauthorized users are going to be prevented from entering
restricted areas. For example, generally only members of
the human resources department should have access to
employee salary histories. Passwords usually prevent
employees from entering restricted areas, but only if the
passwords remain private. Written policies as basic as to
warn employees against posting their passwords in work
areas can often preempt security breaches. Customers or
suppliers with access to certain parts of the network, must
be adequately regulated by the policies as well.
Who will enforce and manage the policies?
The individual or group of people who police and
maintain the network and its security must have access to
every area of the network. Therefore, the security policy
management function should be assigned to people who
are extremely trustworthy and have the technical
competence required. As noted earlier, the majority of
network security breaches come from within, so this
person or group must not be a potential threat. Once
assigned, network managers may take advantage of
sophisticated software tools that can help define,
distribute, enforce, and audit security policies through
browser-based interfaces.
