• Choose a category
• All
• Classic-Fiction

One of the biggest exploitations that occurs today involves applications such as e-mail clients and word-processing software. The manufacturers of these products regularly release updates to attempt to make them more secure. Check for updates regularly and apply them the same as you would for operating systems.

Network device updates Most newer network devices can provide high levels of security, or they can be configured to block certain types of traffic and IP addresses. Make sure logs are reviewed and, where necessary, access control lists (ACLs) are updated to prevent attackers from disrupting your systems. These network devices are also frequently updated to counter new vulnerabilities and threats. Network devices should have their BIOS updated when the updates become available; doing so allows for an ever-increasing level of security in your environment.

Cisco, 3Com, and other network manufacturers regularly offer network updates. These can frequently be applied online or by web-enabled systems. These devices are your front line of defense; you want to make sure they are kept up-to-date.

Policies and procedures A policy that is out-of-date might be worse than no policy. Be aware of any changes in your organization and in the industry that make existing policies out-of-date. Many organizations set a review date as part of their policy-creation procedures. Periodically review your documentation to verify that your policies are still effective and current.

Personal development Remember that you’re one of your organization’s most precious commodities. Like any precious commodity, you need to keep yourself current. Stay abreast of current trends in the industry, new threats, and other issues that might affect your business; doing so will ensure that your skills are always honed. You’ll feel more confident about your ability to deal with situations—and so will your company. Attend seminars, subscribe to relevant periodicals, and continue to grow in your knowledge and skills. This is your best bet to ensure career growth. Professional societies and associations are invaluable for gaining knowledge about an industry and its trends. Networking will also help you build a list of people whom you can call for advice or assistance when you encounter an unusual problem or situation. It’s likely that someone has already experienced what you’re encountering; you can learn from their experiences, and you won’t have to repeat their mistakes. Take your career seriously.

In addition to focusing on these areas, you must stay current on security trends, threats, and tools available to help you provide security. The volume of threats is increasing, as are the measures, methods, and procedures being used to counter them. The following sections will help you find places to keep current. Some of these resources are governmental; many other informational sources are available through corporations, schools, and associations concerned with security-related issues. A great deal of information also exists on the Internet and is available through the Web or newsgroup mailing lists. The lists that follow aren’t intended to be comprehensive; many of these sources contain links to other sources of information.

You must keep abreast of what is happening in the field and stay informed of the current best practices of the systems and applications you support. You’re basically going to be functioning as a clearinghouse and data repository for your company’s security. Make it a point to become a walking encyclopedia on security issues: Doing so will improve your credibility and demonstrate your expertise. Both of these aspects enhance your career opportunities and equip you to be a leader in the field.

Websites

Several websites actively track security issues. This list provides you with the major providers of security information on the Web. Many of these organizations also provide newsletters and mailings to announce changes or security threats:

Center for Education