If you are an IT manager, you would probably want to check out this survey by decipher.
I find it helpful because it provides one with the scopes of considerations required for managing an IT environment with regards to the information security.
Here are the scopes:
1. Categories of IT task within an environment.
2. Internet applications, technologies or services to be concerned with.
3. Have any of the incidents listed below occurred at your company within the last six months?
6. Methods used by your organization to control and secure IM communications made by employees.
Pay attention to Kace, provider of KBox, system management appliances.
KBox intends to solve old problem and it is based on client server architecture. The main purpose of its existence is to control users and it takes away IT managements the problems of:
However, it is not perfect per se. Thus, it is targeting companies who cannot afford a big team of IT personnel and do not have complex and evolving IT infrastructure requirements. According to Greg Lipper, these companies fall under the category of "Fortune 100,000."
I find it helpful because it provides one with the scopes of considerations required for managing an IT environment with regards to the information security.
Here are the scopes:
1. Categories of IT task within an environment.
- General System Admin
- Network administration or management
- Security
- End User/help desk
- Development/Programming
- Database Admin/management
2. Internet applications, technologies or services to be concerned with.
- Instant messaging
- Public instant messaging (e.g., AIM, Yahoo, MSN, GoogleTalk, Skype, ICQ)
- Internet or Web-based chat (e.g., IRC, Meebo)
- Enterprise IM and Unified Communications (e.g., Microsoft LCS, Jabber, IBM Sametime,)
- Media
- Streaming audio or video services (e.g., Windows Media, QuickTime)
- Subscription media (e.g., RSS, podcasting)
- IPTV (e.g., Joost or Veoh)
- Wikis or Blogging (e.g., LiveJournal, Blogspot)
- File Sharing
- Remote synchronization applications (e.g., Plaxo, GoToMyPc, Timbuktu)
- Music/video file sharing (e.g., Kazaa, Limewire, Grokster, BitTorrent)
- Collaboration
- Web conferencing (e.g., WebEx, PlaceWare, RainDance)
- Collaborative work applications (e.g., Groove)
- Social Networking Sites (e.g., MySpace, Facebook, LinkedIN, and others)
- Webware/Web-based applications and services (e.g., Delicious, Twitter, BackPack)
- Internet Telephony
- Personal/client-based telephony (e.g., Skype or Vonage)
- Enterprise/server-based telephony
- Others
- Web-based mail (e.g., via Yahoo, Hotmail, Google )
- Anonymizers and proxy servers (e.g., Tor, Ghostsurf)
- Google desktop
- Browser plug-ins
3. Have any of the incidents listed below occurred at your company within the last six months?
- Viruses, trojans, worms
- Spyware and adware
- Rootkits or similar hidden applications
- Bots and Botnets
- Other malware (keyloggers, dialers, etc.)
- Maintenance of network security hardware and software
- Maintenance of enduser computer hardware/software
- Federal or corporate archiving and storage requirements (e.g. of emails or IM logs)
- Education of endusers about security-related issues
- Development of corporate security policies
6. Methods used by your organization to control and secure IM communications made by employees.
- IM proxy servers
- Firewalls
- Intrusion Prevention Systems (IPS)
- Desktop software/personal firewalls
- Desktop lockdown
- Most endusers are aware of corporate Internet usage policies ?
- Endusers are regularly trained on how to keep their computers secure from threats ?
- Most endusers comply with corporate Internet usage policies ?
- Management is aware of federal regulations that govern our archiving/storage requirements ?
- We cannot prevent endusers from using IM or P2P applications ?
- IM and P2P are extremely risky for my company's network security ?
- The advantages of IM and P2P outweigh the risks ?
- We have effective methods to monitor IM or P2P traffic on our network ?
- We have effective methods to block/filter IM or P2P traffic on our network ?
- We have all the tools we need to be in compliance with federal regulations governing archiving and storage ?
- We cannot keep up with all the spyware and adware applications that are out there. It is too hard to stay abreast of the latest threats ?
- My colleagues and I receive sufficient training to be up-to-speed on security-related issues ?
Pay attention to Kace, provider of KBox, system management appliances.
KBox intends to solve old problem and it is based on client server architecture. The main purpose of its existence is to control users and it takes away IT managements the problems of:
- Complexity
- Security
- Productivity
- Compliance
- Speed
- Efficiency
- KBox 2000 Series Systems - Deployment appliances.
Essentially, this is a system imaging and deployment tool for Windows and Linux systems. It provides the following functions & features:- Inventory
- Scripted Installation
- K-Imaging
- KPE
- Remote Systems Recovery
- Pre & Post Processing
- Application Slipstreaming
- Integrated Reporting
- Centralized Deployment Library
- 100% Agentless
- KBox 1000 Series Systems - Management appliances.
Essentially, this is tool focus on your day-to-day systems management and security needs.- Hardware & software inventory
- Software distribution
- Patch Management
- Asset Management
- Scripting Configuration
- Security Audit & Enforcement
- Reporting & Dashboards
- Help Desk & User Portal
- Alerting & Remote Control
- Cost
- Implementation problem
- Support requirements
- Easy to use
- Total solution
- Satisfaction guarantee
However, it is not perfect per se. Thus, it is targeting companies who cannot afford a big team of IT personnel and do not have complex and evolving IT infrastructure requirements. According to Greg Lipper, these companies fall under the category of "Fortune 100,000."
Comments