Enterprise security governance is a critical part of today’s business environment. There are so many different security aspects organizations must consider including: endpoint and mobile device security, data center security, messaging and collaboration security, web and network security, data security, security and risk management, enterprise security suites, and consulting and support services. As you can see from this blog, there is no shortage of topics on this subject.
This wide range of security issues can seem overwhelming. However, there are five basic steps that can be taken to improve overall enterprise security governance using the latest security strategies. These strategies include:
- Reduce exposure.Data security and data availability are two crucial components for any organization in an enterprise environment. Denial of service – whether it is an intentional attack or an accidental user error – is a common occurrence that can quickly bring productivity to a screeching halt. Hackers can easily cause major widespread disruption with a well-executed denial of service attack. In order to protect your organization from such attacks, reducing exposure is extremely important. TechNet at Microsoft suggests the following steps:
- Apply IP filtering rules. Letting the right users in and keeping the wrong users out will go a long way toward reducing denial of service threats.
- Create a policy and response team to enable early detection and reaction to denial of service attacks.
- Determine baseline patterns of load and traffic volume. Employ an early warning system that alerts when these baselines have been exceeded.
- Prevent address conflicts. What’s in a name? Access to your network and data, among other system components. What does a name have to do with an address? A Dynamic Host Configuration Protocol (DHCP) assigns IP addresses to requesting clients and then the client/server mechanism resolves that name to a unique IP address. Conflict prevention then prevents duplicate IP addresses on your network thus increasing the effectiveness of the address allocation process and improving security.
- Implement IPSec policies. When data travels via IP, it is susceptible to interception and tampering. Implementing IPSec policies addresses the main security concerns related to data transmission. Those concerns are authenticity and repudiation, and integrity and confidentiality. Successful IPSec policies in turn have four main components: IPSec protocols, security associations, security policy and an IPSec driver. When used properly, IPSec policies can help keep data secure during transmission and help defend against both internal, as well as external, threats and attacks.
- Assign a policy hierarchy. Both data security and data availability are extremely important for end systems. Implementing a policy hierarchy is an effective step to that end. Because different servers have varying security needs, it’s important to separate those servers into organizational units. Security policies can then be created and applied first by understanding and documenting default local and domain policies, then by creating organizational units for separate group policies. Next, security templates can be created for each group of servers within the organizational unit. Finally, the security template can be installed in the group policies, and the same can be done for domain controllers and the domain group policy.
- Administer an auditing and monitoring policy. Monitoring helps detect behavior that is suspect, whether it is from an external threat, from within the organization, or simply a malfunction within the system. Effective monitoring tools include event logging, performance monitoring and simple network management protocol (SNMP). There are varying aspects of the system and network than can benefit from monitoring including: the general system itself, uptime and reboots, crashes, hardware failures, applications and objects. Objects that can be monitored include: files and directories, registry keys, services, kernel objects, directory service objects and printers. When detailed logs are kept of these elements, they can then later be audited and checked for discrepancies.
Because today’s businesses and organizations rely heavily upon computer networks and the internet to function, enterprise security is an essential part of doing business that cannot be neglected or ignored. Protecting both the interests of your organization, in addition to those of your customers or associates is critical for success. Once you have decided which area of security to focus on, the above steps can be taken and, as a result, your system and network can enjoy the benefits.
Author Bio: Nila Shore is a contributing writer who specializes in IT security solutions. Shore is currently studying the latest network security solutions as they relate to improved business practices, for the sake of her own small business.