Content

Securing a Complex Communications Environment: Ten Top Tips

The growth of e-security products and services is creating an administrative headache for enterprises.

Some large or complex corporations are finding it difficult to manage their e-security across multiple locations and disparate systems. Here is a typical example...

ACME has 7,800 employees across 13 countries. It has long been aware of the risks posed by email and web use, and has implemented e-security products and services since 1996. In that time it has deployed various anti-virus solutions, firewalls, URL blockers and email content analysis tools in each location.

The IT director is now losing sleep worrying when the next big security breach will occur. She is finding that the growth in email and web usage and the increasing complexity of security threats (such as new strains of viruses and more sophisticated spamming techniques) is putting a strain on security. Furthermore, as the company has become more geographically dispersed, she is struggling to implement and manage consistent e-security procedures across each location.

This kind of scenario is typical of many complex enterprises today. The use of temporary band-aid solutions to combat e-security threats is now causing management nightmares and leaving these organizations open to potential security breaches.

The tell tale signs

If you recognize any of these tell tale indicators, then it may be time to readdress some of your e-security systems:

  • Do you require large numbers of staff to update, manage and control fairly routine changes in e-security procedures?
  • Are you having to implement more and more software and hardware to counteract performance problems by existing systems that the organization has simply grown out of?
  • Are you struggling to explain the value of e-security because of an inability to measure and analyze email/web usage and the incidence of security threats?
  • Are problems with administration actually counteracting the benefits of e-security?
  • Do you have gaps in your security because company policy is difficult to implement consistently across a dispersed organization?
  • Are you having to compromise security in order to provide better email and web performance?
  • Are you having internal wrangles about the ownership and administration of security procedures?

Top Ten Tips

If any of the above ring true then we would advise IT departments to use the following 'top ten tips' as a checklist for streamlining their e-security:

1. Ensure you have a single point of control for policy and
    administration of e-security across the entire enterprise,
    increasing the speed and effectiveness of deploying security
    while reducing costs.
2. Use delegated administration in order for business unit managers
    to relieve administration bottlenecks and simplify policy
    implementation.
3. Use comprehensive auditing and reporting to enable decision
    makers to better understand how employees are using the  
    network.
4. Implement a solution with flexible deployment options that caters
    for thousands of users and their messaging traffic requirements
    to ensure rapid replication of security policies across the
    organization.
5. Make email and web usage policy documented, visible and
    available to all employees in order to ensure responsible use of
    electronic communications and prevent the need for disciplinary
    action.
6. Monitor and document content security risks to ensure recognition
    and understanding at a boardroom level.
7. Instigate the development of a content security committee (made
    up of HR, legal, security, IT and a board member) to prevent
    internal wrangles and ensure effectiveness of security policy.
8. Deploy an email/web management solution that can be integrated
    effectively with existing anti-virus, archiving and URL blocking
    technologies to improve performance and save cost.
9. Deploy email filtering tools that can efficiently analyze email
    content without compromising performance.
10. Choose a partner that has experience with large and complex
    organizations.

Enterprises finding themselves bogged down by the management of email/web usage should use the above strategies to simplify the administration of complex and fragmented IT systems. As well as getting peace of mind by blocking e-security gaps and improving efficiencies, streamlining the management of e-security systems will prevent further problems that could result from the anticipated growth in electronic communications.

Paul Rutherford is chief marketing officer for Clearswift (www.clearswift.com).

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.