Network Computing | The Survivor's Guide to 2002 | Feature | Security | Page 4

InformationWeek 500 Conference -- September 14-16, 2008 Registed Today!

IMMERSE YOURSELF:

Storage & Servers

F E A T U R E

SECURITY

The Survivor's Guide to 2002

December 17, 2001
By Mike Fratto

Online Only: Rational Responses to Irrational Events

Print Full Article
Print This Page
E-Mail This URL

It's been a tough year for Microsoft and its IIS. Several major vulnerabilities, a number of successful attacks against IIS servers, insurance companies charging a higher premium for IIS-based Web sites and Gartner recommending that "enterprises hit by both Code Red and Nimda immediately investigate alternatives to IIS" have all added to its misery. Yeah, go ahead, rip down all your IIS servers. Retool your Web applications from ASP to PHP or PERL. And do it now. That will surely be less painful than putting into place the proper patches, building a strong front end and doing a host of other things to put your self on the network securely.

Seriously, unless you are in the very early stages of development, such a radical move will be very expensive and time-consuming, and, in many cases, far more expensive than it's worth. It's not reasonable to expect an organization to make such a radical change overnight. We hope cooler heads will prevail.

Here are critical steps you can take to minimize and handle successful intrusions that have nothing to do with the technology deployed on your network.

Make a living security policy effort. If your security policy is collecting dust on a shelf, it's worthless. Start anew, involving people from all key departments. Figure out how your security policy can support your business plan while increasing your security stance.

Institute an incident-response plan. Knowing who is responsible for what, knowing when to call in outside help, and knowing what steps to take to minimize your exposure and damage will provide everyone involved with a plan of action. The last thing you want to do is make snap decisions during a crisis.

Have a disaster-recovery plan -- even to the point of figuring out how to rebuild critical systems in the event of catastrophic loss.

		Page: 1 \| 2 \| 3 \| 4 \| First Page

Ready to take that job and shove it?
Open | Close

Post Your Resume

Employers Area

News & Features

Blogs & Forums

Career Resources

Browse By:
State | City

SPONSOR

RECENT JOB POSTINGS

Featured Jobs:

UC Berkeley seeking Helpdesk Team Lead in Berkeley, CA

Hebrew SeniorLife seeking Telecommunication Analyst in Boston, MA

Novant Health seeking Chief Technology Officer in Charlotte, NC

ISES, Inc. seeking SAS Oracle Clinical Developer in Clinton, NJ

Lowe's seeking Network Engineer II in Mooresville, NC

For more great jobs, career-related news, features and services, please visit our Career Center.

CAREER NEWS

10 Search Engines You Don't Know About

Go beyond Google and get vertical. These specialized search sites will help you find the business information you need -- fast.

Yahoo Profits Fall 23%, Cuts 1,000 Jobs

Ari Balogh was named to the post of chief technology officer as the companys for a "realignment" of employees.

More articles from our career center


Today's Most Popular Stories • Rolling Review: Web 2.0 Tools Demand A Cautious Approach • Rolling Review: Windows Server 2008 Server Core • Rollout: Prism EventTracker Log Management System • Rolling Review: Patch Up Your Windows
Today's News Analysis • Amazon EC2 Entices Innovative Uses With Persistent Storage • AIG Private Client Group Diagnoses SOA Glitches With BMC Solution • CA Emphasizes Holistic Enterprise IT Management • Apple Previews Its Next Mac OS 'Snow Leopard'
REPORTS Analyize In-Line NAC strategies and products.	ANALYTICS Plan and design your enterprise blade server deployments

InformationWeek U.S. IT Salary Survey 2008

Salaries for business technology professionals are falling. Here's what you need to know in order to make good hiring decisions and personal career choices. Download Today