Cause For Concern

Published Date
01 - Sep - 2007
| Last Updated
01 - Sep - 2007
Cause For Concern
What are they doing about it? Some outsource, some see internal users as the biggest threat… these and other viewpoints discussed

Ravish Jhala, Manager, ICT, Mars Hotels and Restaurants Pvt Ltd

We have deployed security solutions in keeping with our budget, requirements, and nature of business.  All our Desktops have McAfee's anti-virus software installed, and we've also deployed SonicWALL firewall. That acts as the Intrusion Detection System. The best feature of SonicWALL is the option of multi-Ethernet connections, which isn't found in any other firewall.

McAfee's ePolicy Orchestrator auto-updates virus definitions and sends them to connected machines, and the Microsoft Windows Security Update Service downloads the latest security patches and pushes them to all the machines. We use Netcore's mail solution-which keeps out spam and phishing mails.

Constant monitoring of the network security is done through a single console, and reports from the logs generated are automatically sent to pre-defined users. After deploying our security solutions, we've enjoyed high protection from viruses and better bandwidth management.

Rajesh Krishnappa, Principal IT engineer, FCG Software Services India Pvt Ltd

Every company has a wide variety of diverse network components that have an effect on security-users, firewalls, and network topologies. The various security tools in the market are worth investing in if they have a substantial ROI.

Security programs and services are designed to meet the needs of small and medium businesses-basically to reduce costs, improve productivity, and protect data. By deploying a well-designed firewall along with DMZ (De-Materialized Zone, to host all Web-based applications), Desktop anti-virus, and operating system patch updates-apart from implementing freeware tools like Snort and Nesses-we can find and fix vulnerabilities in the network.

Each company has its own network infrastructure, security policies, and tools for managing security. How you seamlessly integrate these acquisitions into your company and still keep all IT assets secure should be part of your IT security project plan.

An easy way to begin looking at network security is via the well-known CIA (Confidentiality, Integrity, and Availability). Nearly 80 per cent of the threat is from internal users; keeping this in mind, we can plan accordingly to keep our business secure.

Falgun Shukla
, Sr Gen. Manager IT, Hikal Ltd

Security of data and the network is crucial for any business, irrelevant of size. At Hikal Ltd, we have deployed security solutions at the Desktop, Network, and Service Provider levels. For the Desktop level, we've been using three levels of security-McAfee's AntiVirus software, special data-encryption software, and user authentication for accessing any machine and the Internet. This is necessary to ensure security at the internal level.

At the network level, we use a proxy server for converged Internet access. We have outsourced our mail solution to IBM and about 60 per cent of spam as well as infected and phishing mails are blocked. We're thus able to save our network resources, and this also means time saved for senior management. Outsourcing means no efforts are required on our part to monitor and manage security-important, because getting people with multi-faceted skills to manage all IT needs is very difficult. We believe that other businesses should outsource their security solutions such as mail systems and choose products / services specialised for their security needs.

K. Ramaswamy, M. I. S. Manager, The Ruby Mills Ltd

The security solutions deployed at The Ruby Mills are in a three-tier mode for both e-mail and storage devices. A Unified Threat Management appliance (UTM) has been deployed, and there is also Kaspersky anti-virus at the gateway. At the Desktop and server level, McAfee's TOPS managed services-virus scans, spyware protection, and inbuilt intrusion protection-work round the clock.

The UTM package installed also provides intrusion detection, protection against spyware, and content filtering. SonicWALL ViewPoint is a good reporting server for monitoring and reporting content accessed on the Web. All security-related events regarding contents of Web access and e-mails are reported to the server, which is monitored. Access to the Web is done through authenticated user login.

All enterprises should adopt security measures with defined security policies. Windows Domain functionality is useful-you can have three security levels for user access. A business enterprise should evaluate their needs and then deploy solutions from scratch.

Sanjeev Raiphale, Kipa Architects

Our IT requirements are fairly limited. Only basic computer systems are required at our office. We use Quick Heal's anti-virus solution for the Desktops. All systems undergo regular scanning for viruses and Trojans. We have outsourced our IT security services.

Reports and logs of the scanning are maintained. So far, we've never had a problem with the security of our network or data. Still, we always look to keep our systems protected from virus attacks and spam. The biggest threat today in terms of security is from internal resources. However, outsourcing our security needs helps us stay protected against virus attacks and we can concentrate on our business.

Team DigitTeam Digit

All of us are better than one of us.