| Do you host your own Web site? How important is | | | | network. Establish a budget to test, analyze, and shore |
| your Website to your business?; How much revenue | | | | up data and network security. |
| does your Website help generate? Probably more | | | | 2. Once you receive approval to proceed, perform a |
| than you realize. | | | | thorough security assessment of your network |
| Imagine for a moment that you arrive at work on a | | | | connections, server, and application access. Hire a |
| typical workday morning. What kind of day would you | | | | security consultant to assess and breach your security |
| have if the CIO called you into his office demanding to | | | | measures. |
| know why there are obscenities on the home page of | | | | 3. Analyze the results of the test(s). Report the results |
| your corporate Website? | | | | to your management and schedule the implementation |
| How could that happen? You wonder how someone | | | | of activities to shore up the security holes revealed by |
| breached your strong passwords and defaced your | | | | the test.Update router access lists and network |
| Website. What do you think your customers feel | | | | firewall security policies. If you host your own Web |
| about the obvious breach in your network security? | | | | Server, purchase and install a Web application firewall. |
| What level of confidence do you suppose your | | | | 4. You can spend a good deal of time and money |
| customers have in your ability to process their orders | | | | identifying, planning, and shoring up the security of your |
| or protect their data? | | | | network. But, you run the risk of reverting to the same |
| Do you think such an event will influence their belief in | | | | unsecured network and applications if you fail to |
| your company's overall ability to conduct business? | | | | incorporate preventative activities. Update policies and |
| What can you do to prevent such a nightmare | | | | procedures to prevent the recurrence of security |
| scenario? Here are 4 steps you can take to eliminate | | | | holes. For example, you may opt to inspect the |
| your security vulnerability. | | | | updates of operating system and application software |
| 1. Set up a meeting with the appropriate executive | | | | at regular intervals. You may revise your policy toward |
| management of your company and determine how | | | | system passwords requiring them to be strong and |
| serious they are about security. Do your homework. | | | | changed more often. You may also inspect the |
| Perform a general assessment of your network and | | | | physical security of Web Servers, application servers, |
| application security. Prepare and present a written plan | | | | routers, switches, and firewalls. As the saying goes, an |
| that includes a detailed security assessment, cost | | | | ounce of prevention is worth a pound of cure. |
| figures, schedule and the impact on the corporate | | | | |