Auditing and Reviewing
To help determine if there is a violation of your security policy, you'll need to depend on the tools included with your computer and network. Most operating systems store numerous bits of information in log files. Examining these log files regularly will often provide the first line of defense for detecting unauthorized use of the system.
By running various monitoring commands at different times throughout the day, you'll make it hard for an intruder to predict your actions. While it may be exceptionally fortuitous that an administrator would catch a violator in their first act, by reviewing log files you'll have a very good chance setting up procedures to identify them at a later date.
Security is a dynamic process. Since it's getting easy to break into network sites through easily available, point-and-click packages, you'll need to do regularly reviews of your network. To this end, you'll need to assemble the core team or a representative subset to review how well things are working, what are the latest threats and security tools, and what are the risks against new assets and business practices.
In the conclusion of this article, we'll look at some of the preventative measures you can take, as well as how to respond to violations.
Elizabeth M. Ferrarini is a free-lance writer based in Arlington, Massachusetts.
This article was first published in Crossnodes, an internet.com site.