| From computer viruses to hackers, with | | | | easy to create and integrate with |
| so many lurking security threats, it's | | | | existing processes and tools that anyone |
| important to have a solid network | | | | (not just IT) can do it. Overall, your |
| security solution in place. Whether your | | | | network security solution should have |
| company has security software, a | | | | monitoring, prevention, reporting and |
| dedicated IT team to monitor suspicious | | | | enforcement all in one solution. |
| activity, or both - threats keep | | | | 5. Cost of Ownership. Any solution |
| evolving and adapting to their | | | | should have a reasonable cost of |
| environment. That said, it would be in | | | | ownership, meaning it should possess the |
| your best interest to have an integrated | | | | ability to integrate with a broad range |
| network security solution with all the | | | | of security and networking solutions as |
| modern tools you need to keep your | | | | well as a flexible deployment scheme. |
| system up and running smoothly. | | | | Additionally, the solution should have a |
| So how can you assess your network | | | | measurable effectiveness, i.e. |
| security solution to see if it's time to | | | | reporting. That is if a breach or leak |
| update your security software or | | | | does happen your solution should be able |
| procedures? Here are 6 important aspects | | | | to classify the incident(s) and provide |
| you should consider when evaluating your | | | | remediation in order to have a |
| current network security. | | | | reasonable cost of ownership. |
| 1. Detection Accuracy. It's critical to | | | | 6. Vendor Viability. Unfortunately, the |
| have a network solution that can lower | | | | majority of available solutions are from |
| the amount of false positives/negatives | | | | start up companies with limited funds |
| and can also design policy controls that | | | | and product vision. Network security |
| map to business processes. Make sure the | | | | solutions from start up companies can |
| solution can protect both structured and | | | | sometimes lack the R&D, global sales and |
| unstructured data as well as data | | | | support services organizations need to |
| ranging from simple credit card numbers | | | | have guaranteed, long term security for |
| and SSNs to source code and other | | | | their network. Additionally, due to |
| proprietary information. | | | | consolidation in the security industry, |
| 2. Enforcement Capabilities. Since most | | | | these small vendors and 'boutique shops' |
| leaks are internal (or at least start | | | | are more likely to be acquired by a |
| out that way) it's important to have a | | | | larger company at some point or even |
| network security solution with | | | | forced out of business eventually. The |
| integrated enforcement capabilities for | | | | larger, publicly traded firms however, |
| all data types, vectors, for both | | | | generally have a more substantial |
| internal and external communications. | | | | customer base, a well funded R&D |
| 3. Policy Administration and Updating. | | | | program, and a global presence with |
| Make sure your network security solution | | | | strong sales and support. Therefore, |
| is able to set rules based on users, | | | | purchasing solutions from a more viable |
| data, vector, and destination. It should | | | | vendor could mean better results and |
| be able to tie each of these variables | | | | service in the long run. |
| together to say who can send what | | | | For any business present in today's |
| information where and how. Additionally, | | | | fast-paced, ever changing web |
| since these policies should be created | | | | environment, finding an integrated |
| based on regulatory compliance | | | | security solution that will take care of |
| requirements and corporate governance, | | | | everything listed above is imperative. |
| your network security solution should be | | | | After you've evaluated your current |
| automatically updating them as | | | | security - begin researching security |
| regulations change. | | | | solutions (such as the Websense(R) Web |
| 4. Manageability and Reporting. Security | | | | Security Suite (TM) ) that will fill |
| software should be easy to deploy and | | | | the gaps left open by traditional |
| manage. Policy controls should be so | | | | security software. |