| From computer viruses to hackers, with so | | | | and integrate with existing processes and |
| many lurking security threats, it's important | | | | tools that anyone (not just IT) can do it. |
| to have a solid network security solution in | | | | Overall, your network security solution |
| place. Whether your company has security | | | | should have monitoring, prevention, reporting |
| software, a dedicated IT team to monitor | | | | and enforcement all in one solution. |
| suspicious activity, or both - threats keep | | | | |
| evolving and adapting to their environment. | | | | 5. Cost of Ownership. Any solution should |
| That said, it would be in your best interest | | | | have a reasonable cost of ownership, meaning |
| to have an integrated network security | | | | it should possess the ability to integrate |
| solution with all the modern tools you need | | | | with a broad range of security and networking |
| to keep your system up and running smoothly. | | | | solutions as well as a flexible deployment |
| | | | scheme. Additionally, the solution should |
| So how can you assess your network security | | | | have a measurable effectiveness, i.e. |
| solution to see if it's time to update your | | | | reporting. That is if a breach or leak does |
| security software or procedures? Here are 6 | | | | happen your solution should be able to |
| important aspects you should consider when | | | | classify the incident(s) and provide |
| evaluating your current network security. | | | | remediation in order to have a reasonable |
| | | | cost of ownership. |
| 1. Detection Accuracy. It's critical to have | | | | |
| a network solution that can lower the amount | | | | 6. Vendor Viability. Unfortunately, the |
| of false positives/negatives and can also | | | | majority of available solutions are from |
| design policy controls that map to business | | | | start up companies with limited funds and |
| processes. Make sure the solution can protect | | | | product vision. Network security solutions |
| both structured and unstructured data as well | | | | from start up companies can sometimes lack |
| as data ranging from simple credit card | | | | the R&D, global sales and support services |
| numbers and SSNs to source code and other | | | | organizations need to have guaranteed, long |
| proprietary information. | | | | term security for their network. |
| | | | Additionally, due to consolidation in the |
| 2. Enforcement Capabilities. Since most leaks | | | | security industry, these small vendors and |
| are internal (or at least start out that way) | | | | 'boutique shops' are more likely to be |
| it's important to have a network security | | | | acquired by a larger company at some point or |
| solution with integrated enforcement | | | | even forced out of business eventually. The |
| capabilities for all data types, vectors, for | | | | larger, publicly traded firms however, |
| both internal and external communications. | | | | generally have a more substantial customer |
| | | | base, a well funded R&D program, and a global |
| 3. Policy Administration and Updating. Make | | | | presence with strong sales and support. |
| sure your network security solution is able | | | | Therefore, purchasing solutions from a more |
| to set rules based on users, data, vector, | | | | viable vendor could mean better results and |
| and destination. It should be able to tie | | | | service in the long run. |
| each of these variables together to say who | | | | |
| can send what information where and how. | | | | For any business present in today's |
| Additionally, since these policies should be | | | | fast-paced, ever changing web environment, |
| created based on regulatory compliance | | | | finding an integrated security solution that |
| requirements and corporate governance, your | | | | will take care of everything listed above is |
| network security solution should be | | | | imperative. After you've evaluated your |
| automatically updating them as regulations | | | | current security - begin researching security |
| change. | | | | solutions (such as the Websense(R) Web |
| | | | Security Suite (TM) ) that will fill the |
| 4. Manageability and Reporting. Security | | | | gaps left open by traditional security |
| software should be easy to deploy and manage. | | | | software. |
| Policy controls should be so easy to create | | | | |