Network security is all too frequently viewed in militaristic terms of defending a prepared position, building perimeter defenses and applying sentries at critical points. This view has prevailed around the IT world and terminology used reflects the battleground mentality – chances are, your business network has a DMZ behind the gateway. A DMZ is a De-Militarized Zone.

This militaristic approach may be a neat way to look at your network, and it typically developed from how the founders of computer networks had to deal with the military application of IT in the post-World War 2 era. Most senior managers were ex-military officers in commerce and they also appreciated complicated IT concepts being simplified in military terms they understood.

The problem is that this military analogy is just that – too simplistic.

Today, the danger facing your network is more likely to be from within than without. One disgruntled employee with a USB stick can download your company client database in a couple of minutes, and how much is that worth to a competitor? An employee with a laptop hooking into the network after being used by a teenager back home can introduce untold havoc and damage in the form of viruses and malicious code.

Many commercially motivated hackers will not risk frontal attack against your network in any event because they will try to sneak in under the wire by gaining access to your people or indirectly to the waste they produce, such as computer printout thrown out in the trash, in order to find clues which will give them access. Kevin Mitnick, a celebrated hacker turned security consultant, actually gained physical access to an office building and by the end of a week had his own office and secretary assigned (and access to the company network) before it was revealed he had no connection to the company whatsoever!

An appropriate view of network security is to view the infrastructure and processes as a living organism. There is a perimeter though it ought to be viewed as a skin, and like a skin it is porous of necessity though it also must be secured. The soft interior, particularly around the vital organs needs an internal security system in place to protect it should an unwanted intruder gain access, and the reality is, this will happen at some point. Steps need to be taken to ensure that user access to the network cannot compromise the entire network; that their access is limited to what they realistically need for the purposes of their work. There should also be a restriction or management solution in place to limit what devices can be introduced to the network – a state of the art firewall at the gateway is for nothing if a virus-laden, USB stick can be inserted into a machine inside the perimeter.

While it is easy to lapse into military jargon when discussing any “security” issue, this can, and does persuade many that they are really more secure than they really are. Certainly, a militaristic approach has led to many IT managers moving to protect their networks and company processes from real threats, but frequently this has also generated a false sense of security and left the door open to the network somewhere else. We need to start thinking in terms of an organic whole rather than a battlefield and after surgery, the patient needs to still live!

Author Bio: Lawrence Reaves is a strong believer in Richmond IT services such as Richmond network security and Richmond outsourcing. For these services, Lawrence recommends PLANIT Technology Group. PLANIT Technology Group can be found online at: PLANITTech.com .

Category: Computers and Technology
Keywords: network security, IT services, Richmond IT services, Richmond outsourcing, outsourcing