荔园在线
荔园之美,在春之萌芽,在夏之绽放,在秋之收获,在冬之沉淀
[回到开始]
[上一篇][下一篇]
发信人: Lg (创造人生的传奇), 信区: Linux
标 题: Best Practices in Network Security - 5
发信站: BBS 荔园晨风站 (Sun Mar 19 14:58:27 2000), 转信
Best Practices in Network Security
March 20, 2000
Executive Summary
Best Practices in Network Security
One of the side benefits of the Internet's growth, with the accompanying
reports of computer and network break-ins and computer virus infections, is the
increased awareness and acceptance of computer and network security policies,
procedures and mechanisms. As our use of computers and networks expands, so
does the list of things that can go wrong and ways our organizations can be
hurt.
Security policy, procedure and proper-use documents give system and network
administrators something to fall back on in a crisis, as well as guidance for
the mundane but essential day-to-day decisions and actions. They also provide
approaches to problems that have been well-thought-out and tested over time.
And though there is no magic in them, these policies bring an organization
closer to understanding its computer and network business requirements and
risks. At the same time, the policies provide a framework for re-evaluation as
requirements and risks change.
The work of instituting the best practices for network security can be
daunting. The list of tasks seems limitless, and the possible procedural issues
appear to touch on every aspect of every employee's interaction with the
network.
The correct framework built on the correct premises makes this easier to
accomplish. Premises firmly grounded in reality, that take into account the
needs for both usability and security, give us the freedom to thoughtfully and
calmly provide the security we need, in a manageable way, while still
delivering required services and enabling profitability.
But dogma plus information is not enough. At every step, senior management
support is critical. From the assignment of responsibilities with authority, to
the approval of purchasing, policies and plans, upper management makes or
breaks the security program. Aside from the fact that in any organization
senior management assigns and delegates authority, it is often the official or
unofficial arbitrator should individuals or organizations disagree with policy.
The right information, mind-set, and blueprint provide the foundation for
security with usability for an enterprise.
--
☆ 来源:.BBS 荔园晨风站 bbs.szu.edu.cn.[FROM: bbs@210.39.3.97]
[回到开始]
[上一篇][下一篇]
荔园在线首页 友情链接:深圳大学 深大招生 荔园晨风BBS S-Term软件 网络书店