Print

Comment

Email

Digg

Del.icio.us

Reddit

Twitter

The Computer Associates roadshows highlighted confidentiality, integrity and availability as the major challenges in enterprise IT security

As it tries to cope with the continuing lull in IT spending, Computer Associates has given a huge impetus to security  management through its three-city security roadshows held in New Delhi, Bangalore and Mumbai in association with Dataquest. Boosting the automation of security and systems management was CA's key focus during the roadshows.

Confidentiality, integrity and availability were the three main security management tools CA focused on. The company claimed that with these three areas in mind, simple firewalls and other stopgap measures clearly are no longer enough to protect companies doing business online. Businesses now must take a more proactive and strategic look at network security management. Companies must truly consider how their systems are structured and how that structure supports their overall business. Securing computers is a priority, but securing the business should be the ultimate goal.

CA advised some key considerations for companies taking a more "holistic" approach to network security management. The first was to know your network because it is crucial for systems administrators to get a handle on exactly what is on the network and what impacts it. They must map the network and know every entry way and every point at which their system has contact with another. They must know what the vulnerabilities are and how those might impact the business.

Secondly, update the network. This is one of the best steps systems administrators can take to protect their networks. This includes patches not just for computers but also routers. Just like with updates for basic word-processing software, new fixes come out every several months. Most of these upgrades are free; updating is just a matter of obtaining and implementing them.

Dedicating time is the third area. Being proactive when it comes to security means investing the time upfront to address potential problems. For some companies, this may mean that they need an extra person who focuses strictly on security, maintaining patch levels and knowing the network. Most security problems and attacks can be avoided by one simple means: investing valuable resource time. Also address security across the entire network-whether big or small: any company, no matter what its size, can become a target for hackers not necessarily for its own assets but as a place to launch attacks. Organizations that lose money due to hackers often go looking for someone to blame. Even if a company does not need to vigilantly protect its own data, it is important for every organization to show it has been duly diligent with respect to security so that it will not be liable for damages. Companies, especially smaller ones, however, do not necessarily have to spend millions of dollars on security. As has been noted, many of the best proactive steps are free.

Unfortunately, liability for denial-of-service and other types of attacks will eventually float downstream to smaller companies who have unwittingly played host to hackers. Whether a company's network is composed of 10 computers or thousands of computers, strategic and proactive network security management must be a top priority. After all, the problem is no longer just about computer security, it is about business security.

Anthony Lim, Director, e-Trust brand strategy, CA, demonstrated its Antivirus "eTrust" that it claims protects enterprise environments from a full range of viruses and malicious code. It demonstrated total coverage for the enterprise-from critical potential points of entry at the perimeter to mobile devices in the field. An intuitive Web-based management makes it easy for security administrators to automate signature distribution and track events across the enterprise. This ease of administration and signature deployment is critical for effective virus protection.

In response to the increasing demand by IT professionals for the latest, best information on security strategies, the roadshow was the largest in a series of a successful informational outreach programs staged by the company. The CA Security Management Roadshow brought top experts, including hundreds of CIOs, together to provide IT professionals across the country the opportunity to learn the latest innovations in security and to better secure their organizations. Ninad Karpe, country manager, CA India said, "The widespread user participation and interest in these roadshows demonstrates not only to the demand for security solutions, but also CA's combined commitment to providing secure computing environments."

Security considerations are extremely important as organizations prepare to use a network to electronically send confidential clinical data outside the four walls of the institution. Organizations that carefully think through the issues of security and apply a methodical and disciplined approach to the problem will fare better than organizations that react as problems arise. To cope with the issues of security, thinking through the basics, managing trade-offs, and looking to the present and future will serve an organization well.

CyberMedia News

Page(s)   1