Computer security is of utmost importance to company managers responsible for protecting their company’s information assets. Computer security specialists, or information security analysts, are responsible for protecting those assets on a day-to-day basis. A computer specialist’s job is to make sure only authorized people gain access to confidential information.
Planning Security
Security specialists strive to build in security during the planning stage of software systems, networks and data centers. It is less costly to build in security from the beginning than to retrofit systems after they have been implemented. Security specialists analyze specifications for critical components of computing infrastructure to determine vulnerabilities, risk and mitigating actions.
Securing the Infrastructure
Even the best built systems and buildings retain overlooked vulnerabilities found later during an audit or an actual security breach. The security specialist’s job is to determine the best way to secure the infrastructure, including physical security and cyber security. Information may be compromised by an unauthorized data center intruder as well as by a hacker who finds a cyber door into the network. Placing a secured door on the data center or a firewall on the Internet connection is the responsibility of the security analyst.
Monitoring the Infrastructure
A key component of infrastructure security is the monitoring infrastructure. Security analysts place network and computer monitors at strategic points on the network and on critical servers. These monitors typically communicate with a central server, reporting all activity for later analysis. Security analysts use automated tools to scan the logs produced by the monitors and look for aberrations in the activity.
Responding to Incidents
Every network is secure until someone hacks it. In the event of a security breach of any kind, the security specialist rolls into action. When an analyst finds a potential threat or attempted breach, it is his job to close the security vulnerability and if possible, identify the perpetrator. Many companies establish security event response teams with escalation procedures based on the type of incident and the severity of any breach. Security analysts function as experts on these teams to provide expert guidance and reasonable responses.
No comments:
Post a Comment