A New Way to Look At Security
In today's environment, security is far more than firewalls, vulnerability management, anti-malware, and properly tuned Intrusion Detection. All these things are vital, but they don't address the root problems. Security must start with sound policies, procedures, and standards that are tailored for the organization and authorized by management. Then, once approved, the job has just begun. For no policy (or document) is of any value without educating the people in the organization as to its contents. This requires a well thought out Awareness Program and intuitive diagramming of the processes and procedures to support the policies.