Tuesday, 19 February 2019

Network Security Assessment


The security of a company's information system is an important requirement for the pursuit of its business. Whether it is the degradation of its brand image, theft of its manufacturing secrets or the loss of its customer data; a computer disaster always has unfortunate consequences that can lead to bankruptcy.

Organizing this security is not easy, which is why there are recognized methods to help IT managers implement a good security policy and conduct audits to verify their effectiveness.


Security Policy


A security policy can be seen as the set of organizational models, procedures, and good technical practices to ensure the security of the information system.

But what is the security of an IS? It revolves around the following five main concepts: data integrity, information and exchange confidentiality, service availability, user authentication and non-repudiation of transactions.

To guarantee security, a security policy is generally organized around three major axes: the physical security of the installations, the logical security of the information system and the user's awareness of the security constraints.

The purpose of this document is not to explain how to design a security policy but to present the existing methods.

Audit


A security audit can highlight the weaknesses of the implementation of a security policy. The problem may come from the policy itself: poorly designed or unsuited to the needs of the company, or errors when applied.


No comments:

Post a Comment