The ins and outs of security management


 

The concept of security management is a broad one that can refer to many different security-related topics. When getting into the more specific arena of information security management, there are still many different items that can fall under the general umbrella of security management. Regardless of the specific topic, security management has one important goal: Ensuring that information is accessible only to those authorized to see it.

This can include external security management, which covers the securing of data from outside hacking and intrusion, and security management of those individuals within an organization from seeing only the information that is cleared for their viewing. For external issues, security management focuses on the physical blocking of access using a firewall device and possibly proxy servers or other physical filters and obstacles to keep outside access closely monitored and controlled. It also includes the repairing and patching of software vulnerabilities that can allow access by exploiting or circumventing firewalls and other such devices.

Internal security management is generally a simpler concept. In an network scenario, most users have at least some access and are authorized to log on to the internal authentication system. The security management control comes in the form of access rights to files and directories, and is easily set using the variety of server systems available, be it Unix, Linux, Netware or Windows. All of these servers allow individuals to have tailored levels of access to both files and directories. Users are given either no access, read-only, or read and write access to files. If more granularity is sought, there are other levels available within each, such as delete inhibit, a deny function and the ability to hide directories completely from being visible to certain persons or groups. By concentrating efforts to prevent both external intrusion and casual browsing of internal employees, you can be sure to maintain total control of the data stored on your network.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply