Wednesday, October 20, 2004

Thinking about security

My experience with nonprofits is that they don't spend enough time thinking about the behaviors that make up security. They want to buy a product -- a firewall, anti-virus software -- or do a task -- update their software -- and then be done. Bang. Security. Checked off the list.

For some small organizations, this may be enough. But as nonprofits open themselves up via the Internet and collect more and more information about the clients and their donors, they need to think about managing a security as a process and not as something that is ever complete.

Today's post from Bruce Schneier, Schneier on Security: Security Information Management Systems (SIMS), struck a cord. It's good for consultants and in-house IT staff.

Computer logs are a goldmine of security information, containing not just IDS alerts, but messages from firewalls, servers, applications, and other network devices. Your network produces megabytes of these logs every day, and hidden in them are attack footprints. The trick is finding and reacting to them fast enough.

Read the rest of his post.

(in: security, network_admin, and healthy_and_secure_computing)