Security

Security risks cannot be eliminated or prevented completely. However, effective risk management and assessment can significantly minimize the existing security risks. To minimize the amount of risk, it is important to understand that no single product can make an organization secure. True network security comes from a combination of products and services, combined with a thorough security policy and a commitment to adhere to that policy.

A security policy is a formal statement of the rules that users must adhere to when accessing technology and information assets. It can be as simple as an acceptable use policy, or can be several hundred pages in length, and detail every aspect of user connectivity and network usage procedures. A security policy should be the central point for how a network is secured, monitored, tested and improved upon. While most home users do not have a formal written security policy, as a network grows in size and scope, the importance of a defined security policy for all users increases drastically. Some things to include in a security policy are: identification and authentication policies, password policies, acceptable use policies, remote access policies, and incident handling procedures.

When a security policy is developed, it is necessary that all users of the network support and follow the security policy in order for it to be effective.