http://www.computerweekly.com/articles/article.asp?liArticleID=134676 By Mick Hegarty 2 November 2004 Not surprisingly, security is one of the biggest issues facing businesses today. The threat posed by viruses, hackers and fraudsters affects every organisation, as do the consequences of accidental damage, equipment failure and even uninformed employees. It is a fact that lack of appropriate security measures result in lost business, lost revenue, lost customers and even loss of reputation. Poor levels of security threaten a company's survival. The Department of Trade & Industry has found that the average UK business now has roughly one security incident a month, and this situation is not going to get any better as businesses use technology to make better use of information, change the way they work and stay competitive. Small and medium-sized enterprises must feel they are under attack from all sides. And to cap it all, recent legislation in the form of the Data Protection Act, the Stock Exchange's Turnbull Report and guidance from the Financial Services Authority places responsibility for data security and openness of accountability at the door of the most senior people in the business. For SMEs that responsibility is landing in IT managers' laps. They are being given the task of setting up and supporting rigorous security policies and systems. So where does the IT manager start? The first thing is to realise that security is not all negative. Just as poor security can be fatal, good security can bring real advantages. Customers and suppliers who have confidence in a firm's security policies will spread the word. Good defences help enhance the brand and differentiate a company from its competitors. What is more, being confident about security means you will be able to open up the network for flexible working, direct links with suppliers and e-commerce. This is how IT managers can really enhance their reputation within the company. The workforce will appreciate the greater flexibility in the way they are able to work and the directors are going to enjoy the competitive advantage and the money they are saving. Get the network security right and the IT manager becomes a hero. At the same time, security does not have to be difficult and expensive thanks to continued reductions in costs and improvements in the range and capabilities of third-party providers. Third parties can supply expertise to analyse vulnerabilities and help to develop your security policy. They can design and implement security products to meet requirements and budget. They can monitor the system proactively and help manage aspects such as firewall and URL filtering rules and updates to the anti-virus system. A third party will have invested in skills and capabilities that a small company would find hard to afford itself. This will include government and manufacturer accreditation, skilled consultants and engineers and the learning that comes from helping other businesses such as yours. This can give you real peace of mind. And do not forget that if you choose one supplier for your network and your security, you have the added advantages of a single supplier to work with and one who understands every aspect of your needs. By managing security in this way, SME IT managers can concentrate their efforts on their core business while letting others concentrate on the challenges of integrating and managing security. They can avoid having to recruit skills or potentially investing in equipment up-front. Most of all, IT managers can make a real contribution to protecting and enhancing the company. So, do you want to be a hero? Mick Hegarty is ICT general manager at BT Business _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Tue Nov 02 2004 - 02:25:29 PST