Security Standards  «Prev  Next»

Lesson 4 Effective security systems
Objective List the Attributes of an Effective Security System

List the Attributes of an Effective Security System

Although the components and configurations of a security system vary from company to company, several characteristics remain constant. A reliable security system is highly secure, easy to use, and reasonably inexpensive. Furthermore, it is flexible and scalable, and has superior alarming and reporting capabilities.

System attributes

The table below summarizes the most important aspects of an effective security system.

Attributes and Goals for an Effective Security System

Highly Secure
  1. Allow access to legitimate users only
  2. Minimize the opportunity of hacker access
  3. Minimize the possibility for damage in the event of hacker access

Easy to use

  1. Security system is easy to use so that there is no motivation to circumvent it
  2. The interface is intuitive

Appropriate cost of ownership

  1. Consider the initial purchase cost and the price of upgrades and service
  2. Consider the cost of successful implementation and maintenance

Flexible and scalable

  1. The system allows your company to do business the way it wants to
  2. The system can grow as the company grows

Superior alarming and reporting

  1. In the event of a security breach, the system notifies the administrator quickly and in sufficient detail
  2. System notification (alerts by email, computer screens, and pages) options are efficient

Effective security

To implement effective security at your company:
  1. Maximize caution and minimize threats
  2. Apply as many techniques as possible on several levels
  3. Defining user responsibilities and access
  4. Maintain a thorough security policy
  5. Make everyone at every level accountable for security
  6. Dramatically increase security levels through the use of training
  7. Ensure physical security of your computer systems

Restriction of Network Permissions

Restrict the network permissions of legitimate users so they can still accomplish their tasks, but have no more access than necessary. Even if a hacker can steal a legitimate user's identity and enter into the system, the hacker will only be able to gain the level of access authorized for that user.
In the next lesson, planning a security policy will be discussed.