Protecting IT infrastructure
Regular adverts in the daily press show that IT is evolving at a rapid pace. Most of the changes have been for the better; newer computer systems continue this trend of improvement and deliver increased productivity to the end user, having a positive impact on business's bottom line. But with these changes come new security risks to the network. Most would expect that the majority of threats and attacks are Internet based - external to the organisation. However, networks are as much at risk from inside organisations as from outside sources.

The problem is obvious to people in business. If network services go down, then so does productivity. With lost productivity there is lost profit. How much can a company afford to lose? Safeguarding the business means understanding when and where security breaches are most likely to occur and, if they do occur, how to minimise the effect and reduce system downtime.

With business partners connecting to networks over the Internet, and employees logging on and accessing e-mail remotely, providing a secure solution for managing network access has never been more critical. Obviously, data should be protected from hostile or malicious intruders who could delete or corrupt it, or those who might steal it for commercial gain. It is not just about protecting data from hackers, though; the services that network servers provide are also prone to attack. Remember Melissa and the Love Letter viruses? Both were aimed at bringing down corporate mail servers.

Protecting our systems
Most companies invest a great deal of time developing a security policy following well-publicised guidelines. Implementing such a strategy on a business system so that its requirements can be met requires trained support personnel. Unfortunately training courses on popular operating systems such as Windows 2000 or XP do not address the majority of risks.
Another tack is to teach everyone to become hackers, to understand their mindset and the areas of the network they enjoy attacking. Many courses take this approach - naturally without certification! However, there is now a course that identifies the weaknesses and vulnerabilities of operating systems, and shows how to harden or put up defences against attack.

CompTIA Security+
The Security+ Certification from CompTIA, which brought us A+ and Network+, has been developed to meet a number of needs of IT staff identified in a recent survey across several hundred public and private sector businesses:
• 31 per cent had experienced from one to three major security breaches - causing real harm, resulting in confidential information taken or interrupted business - in the last six months
• 22 per cent had no employees with security-related training; 69 per cent had fewer than one-quarter security trained; and only 11 per cent reported that all had received security training
• 96 per cent recommended security training
• 73 per cent recommended more comprehensive security certification
• 66 per cent believe that training/certification had improved their IT security through increased awareness and proactive risk identification
• 59 per cent said that government security regulations do not address practical problems.

CompTIA Security+ is an independent, globally recognised benchmark certification providing IT professionals with a recognised industry credential that provides proof of knowledge and expertise in security-related topics. It is a comprehensive examination, which tests individuals on a wide range of security concepts, including access, control, authentication and external attack. Although the certification is vendor-neutral the course focuses on Windows 2000 and XP with some coverage of Novell and Unix.
Typical course content includes:
• identifying security threats
• hardening internal systems
• hardening devices and services
• securing network communications
• managing a public key infrastructure
• managing digital certificates
• enforcing security policies
• monitoring security infrastructures

The course is mostly hands-on, hardening the system and then testing it afterwards with tools readily available to the hacker. It is aimed at students who wish to extend their IT knowledge into security or to gain additional qualifications. The course is 'entry level' but can act as a springboard into an IT security career.

A recent job advertisement seeking IT security staff offered a salary of up to £35,000, a good indication of how seriously industry takes this field. Typical jobs involve monitoring and acting on security breaches; it is an ongoing process because new threats surface every day.

'In today's market, every organisation is a target for cyber-crime,' explains Matthew Poyiadgi, regional director UK & Scandinavia at CompTIA. 'The security issue for companies has always been that there is simply not enough awareness.' Tangent IT is 'placing valuable emphasis on addressing this issue through adding Security+ certification to its range of training'.

For more information, call Richard at Tangent IT on freephone 0800 458 2095.