Chapter 2 - Security Management Systems

Abstract

Today, when most companies and government agencies rely on computer networks to store and manage their organizations’ data, it is essential that measures are put in place to secure those networks and keep them functioning optimally. Network administrators need to define their security management systems to cover all parts of their computer and network resources. With a plethora of storage devices, including iPads, Android Tablets, USB drives, watches, televisions, Digital Video Recorders, smart phones, apple T.V. appliances, Xbox’s, and household appliances, the management becomes even more difficult. This chapter focuses on security management systems: Which are sets of policies put place by an organization to maintain the security of their computer and network resources. These policies are based on the types of resources that need to be secured, and they depend on the organization. Some groups of policies can be applied to entire industries; others are specific to an individual organization. A security management system starts as a set of policies that dictate the way in which computer resources can be used. The policies are then implemented by the organization’s technical departments and enforced. This can be easy for smaller organizations but can require a team for larger international organizations that have thousands of business processes. Either way, measures need to be put in place to prevent, respond to, and fix security issues that arise in an organization. Standards that were in place ten years ago may not be adequate for current business practices. As an example a strong password may have included less than 8 characters, while modern computers can easily break the password utilizing brute force or rainbow table methods.