|Top Security, Physical and Virtual - Securing Monitoring Protecting - Nationwide 24hrs x 365 days a year|
|IT SECURITY : IT'S SECURITY!
As readers of this newsletter will be aware, the Top Security Group has expanded considerably in recent years through both organic and acquisitive growth, and now employs a total of over 2,000 personnel in Ireland and overseas. But while most of the growth has taken place in business areas familiar to professionals in the security industry, readers could be forgiven for wondering if they were mistaken to hear that Top was now a force in ... IT Security? Surely bits and bytes have nothing in common with the world of physical security, alarm monitoring, static guards, mobile patrols, key holding and the like?
The language of IT security can certainly be bewildering on first encounter : Firewalls, VPNs, viruses, worms, trojans, PKI, tokens. The image of the geek hunched over a keyboard feverishly typing arcane instructions into a glowing computer screen comes to mind. But when you strip away the confusing language and look at the core issues involved - the world of IT security starts to look very familiar indeed.
First of all, consider that a key objective of an IT security professional is protect the assets of a business, and to enable it to function safely in today's electronic world. Wait a moment - you are simply describing what the rest of the security industry has been doing for decades. Sure, a Russian teenage hacker trying to penetrate a company's firewall to compromise their servers from thousands of miles away, or plagues of email borne viruses and worms, may be very different threats to those we deal with in the physical world - but security is security, and best practices carry through.
So where does an IT security professional begin? Like any security professional, a detailed secuirty assessment is essential. To protect any digital entity, you need to careful assess the threats it faces.
Having decided which threats are the responsibility of your engagement with the client, you produce a plan for how to deal with those threats. Then you carefully implement that plan. And then you test to make sure everything is working right, the threats have been dealt with, and ensure appropriate ongoing structures are in place to ensure the solution continues to be effective (audits, reporting and escalation procedures, monitoring, etc.). And of course you remember that situations evolve, threats change - and the security solutions must keep up. So you go back and start all over again by re-assessing the security requirements on a regular basis.
So its : assess, plan, implement, test - and repeat. The modus operandi of an IT security professional is reassuringly familiar to their opposite numbers in the physical world.
And the similarities don't end there;
while 'perimeter security' (keep hackers out!) is one of the first steps in securing a network of computers which are connected to the outside world, every IT security professional knows that the 'insider threat' needs to be considered and managed carefully. Systems must be protected from inappropriate or unauthorised access or modification by those inside the business as well as those outside. But dealing with internal threats is also very familiar in the world of physical security, with solutions including access control systems for sensitive areas of a premises, access logs, video surveillance, etc.
Again its a case of identifying and
understanding the security risks, and dealing with them appropriately.
Now where things get really interesting is when the two worlds - those of physical security and those of IT security - begin to interact. For example, if a building's access control system knows that employee X is not on the premises, then wouldn't it make sense to share that information with the network security system so that any attempt to access the system from inside the building using employee X's credentials will not only be denied but escalated as a possible intrusion attempt?
Or how about using the high speed
computer networks already installed in most modern businesses, and the broadband internet connections increasingly common in Irish homes, to improve their physical security?
Well this is already happening with
the advent of technology such as IP based CCTV systems, medical telemetry for remote health monitoring, integration of security systems with building management or home automation, etc.
So just as age old expertise and procedures from physical security is being gainfully applied to IT security, new technology from the IT side is helping improve physical security.
With these synergies between the
physical and virtual worlds only increasing, its no longer quite as surprising to see Top Security a player in IT security.
Copyright © 2013 Top Security - Top Security, diverse and cutting edge in our security offerings