Monday, 11 December 2006

Securing the Network: 14

Securing The Network
The Final Post on Corporate Security Issues for the Non Technical

This post covers:
                Employee Education
                Security Testing

Employee Education
Good security is impossible to implement without the cooperation of the users and employees.

To this end investment in security training and briefings is likely to pay dividends. Posters should be placed around the working area highlighting key information relating to security threats and reminding users of their responsibilities.

Security cannot be delegated to one department and each and every user should understand that they have a part to play. Training and education for the users in basic security threats should be mandatory.

A lot of excellent material including leaflets and posters are available from the Department of Trade and Industry (DTI) website.

Security Testing
To ensure that your security policies are enforced it will be necessary to implement Security Testing. Security Testing can be carried out in any and all of the following ways:

Penetration Testing
Query Employees
Review the Procedures

In many cases the only way to adequately test you security is through the use of a third part company.

In this series of posts I have attempted to explain many of the Network Security concepts in layman’s terms, and to cover the majority of relevant topics.

I hope the information presented in this series of posts is of benefit to someone.

"If you can find a path with no obstacles, it probably doesn't lead anywhere." - Frank A Clark

No comments: