Security Monitoring
Autor: astrofan • January 24, 2014 • Essay • 627 Words (3 Pages) • 872 Views
Security monitoring is major key to any successful company or organization. With so many attack vectors and vulnerabilities, management in most organizations have made security the number one priority. Security monitoring involves a wide array of functions. Internal monitoring of company personal and assets is done on a daily basis. For companies with e-commerce, the security monitoring is even more important.
Internal Monitoring
The most exploited attack vector comes from the internal threat. The end users in a company most routinely possess the biggest threat to a company's asset or information. While the routine security analyst may attribute the security breaches to mal intent, most breaches occur from lack of training or end user negligence. Routinely the end user may insert a virus or unsupported software into a computer that while causes a huge problem the intent was not to bring down the system.
System administrators should routinely monitor the system logs to ensure minimal security practices are being followed. While log reading is tedious, in the end it can save the company millions of dollars in losses.
The security team also needs to monitor and secure the departments within the company such as Human Resources and payroll. Those departments are typical the focus of the outside intruder attempting to gain access to company funds and information. Safeguarding employees' personal identifiable information is another aspect of ensuring information does not fall into the wrong hands. Companies have become extremely vigilant when it comes to ensuring information does not fall into the hands of the wrong individuals. Not to mention, loss of PII in many cases can result in lawsuits that will cost the company additional losses.
Most companies monitor who has access to what information by setting up group policies and limiting access to information on a need to know basis. Accounts typically are granted to cleared individuals who have completed adequate training. Yearly training in most successful companies is required in order to maintain the account
...