| Lesson 4 || Effective security systems |
| Objective ||List the Attributes of an Effective Security System |
List the Attributes of an Effective Security System
Although the components and configurations of a security system vary from company to company, several characteristics remain constant.
A reliable security system is highly secure, easy to use, and reasonably inexpensive. Furthermore, it is flexible and scalable, and has superior alarming and reporting capabilities.
The table below summarizes the most important aspects of an effective security system.
Attributes and Goals for an Effective Security System
- Allow access to legitimate users only
- Minimize the opportunity of hacker access
- Minimize the possibility for damage in the event of hacker access
Easy to use
- Security system is easy to use so that there is no motivation to circumvent it
- The interface is intuitive
Appropriate cost of ownership
- Consider the initial purchase cost and the price of upgrades and service
- Consider the cost of successful implementation and maintenance
Flexible and scalable
- The system allows your company to do business the way it wants to
- The system can grow as the company grows
Superior alarming and reporting
- In the event of a security breach, the system notifies the administrator quickly and in sufficient detail
- System notification (alerts by email, computer screens, and pages) options are efficient
To implement effective security at your company:
- Maximize caution and minimize threats
- Apply as many techniques as possible on several levels
- Defining user responsibilities and access
- Maintain a thorough security policy
- Make everyone at every level accountable for security
- Dramatically increase security levels through the use of training
- Ensure physical security of your computer systems
Restriction of Network Permissions
Restrict the network permissions of legitimate users so they can still accomplish their tasks, but have no more access than necessary.
Even if a hacker can steal a legitimate user's identity and enter into the system, the hacker will only be able to gain the level of access authorized for that user.
In the next lesson, planning a security policy will be discussed.