Self-Assess, Then Get Advice

 
 
By eweek  |  Posted 2001-02-26 Email Print this article Print
 
 
 
 
 
 
 

Before calling in the experts to perform a vulnerability assessment of an enterprise network, there are a few basic steps IT managers can take

Before calling in the experts to perform a vulnerability assessment of an enterprise network, there are a few basic steps IT managers can take to improve security.

• Keep current with updates to security software—especially Secure Sockets Layer, virus protection, operating system patches and digital certificates. IT managers often overlook this simple security measure.

• Be sure to review audit logs on a regular basis to look for signs of potential trouble. Require employees to use alphanumeric, case-sensitive passwords, and mandate that they be changed frequently.

• Dont forget to use the security features that are built into products. Denial-of-service attacks can be avoided by monitoring and filtering Internet Control Message Protocol, User Datagram Protocol and bad-source IP addresses at the firewall. Most e-mail clients support digital certificates that can be used to sign and encrypt e-mail, keeping sensitive data from prying eyes.

• Stay current on potential security threats. Carnegie Mellon Universitys CERT Coordination Center offers a free security advisory mailing list at www.cert.org/contact_cert/certmaillist.html. The National Institute of Standards and Technologys Computer Security Resource Center also covers a variety of computer security issues at csrc.nist.gov.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel