Stephen Withers
Monday, 24 August 2009 12:58
Business IT -
Technology
Page 2 of 2
3. Guard against malware
Malware is what gives crooks access to your data, Hibbard says. Once they have got in a system, it's very hard to stop them.
Various measures can be taken, including security software running on individual PCs as well as gateway protection to help block malware before it reaches those computers.
4. Deal with errors and omissions
You can have all the right policies in place, but they won't help unless they are followed. So add mechanisms to ensure that people are doing what they are supposed to, such as changing default passwords and checking that web servers really are providing access to the appropriate directories and nowhere else.
5. Use detection tools
Examples include intrusion detection systems and audit logging. You need to be able to watch for unusual activity, but that's practically impossible if you don't know what's normal.
If a certain activity occurs at 10pm and you've already determined that it should only happen during the day, you know a closer look - and possibly action - is necessary.