Security monitoring allows:
1. Effective security protection on the network
2. Control of various malicious activities on the network
3. Detailed understanding of the security infrastructure of the network
On the other hand, there are some drawbacks related to security monitoring, such as:
1. Organizations must implement a genuine, licensed security monitoring tool in order to perform complete security monitoring with all of its features; otherwise there is a high risk of security attacks on the network.
2. Security monitoring can prove costly if the budget needed to mitigate the many security threats to the organization is not planned properly.
Let us consider some of the examples related to providing security monitoring solutions:
Regulatory Compliance
Security and Policy Management
Implementing effective security policies within an organisation is one of the crucial tasks. Security policies define a framework for managing different technologies and resources, and help in achieving the objectives and goals of the organisation. Security policies reduce network threats and the risk of security breaches, and manage all kinds of business risk in the organisation.
There are various business risks involved in the day-to-day business activities of the organization, such as protecting employee data, sharing business information, discussing confidential data within the organization or in public forums, utilizing confidential information for personal gain, and utilizing confidential information for various malicious activities. These business risks have to be addressed by defining security policies in the organization.
The security policies within the organisation are implemented by following certain rules, such as:
i. The security policies can be defined depending on the various roles and responsibilities within the organisation.
ii. The security policies should be planned in such a way that they do not affect any assets or resources within the
a. Protection of data
b. Securing the information without sharing it with anyone
c. Keeping the business data confidential and not using it for personal gain
d. Ensuring integrity of the data
e. Following security policies/guidelines/procedures within the organization
f. Choosing a proper security technology based on the security breach detected
These best practices may vary depending on the type of organization and on the business principles followed by the organization.
Regulatory Compliance
Regulatory compliance ensures that organisations follow the laws, regulations, guidelines and specifications defined for their business. In some scenarios, organisations do not follow the defined regulations properly. In such situations, these organisations face legal consequences or punishments, which involve a huge price to be paid for such carelessness.
Some of the regulations and standards that organisations comply with include: the Dodd-Frank Act, the Payment Card Industry Data Security Standard (PCI DSS), the Health Insurance Portability and Accountability Act (HIPAA), the Federal Information Security Management Act (FISMA) and the Sarbanes-Oxley Act (SOX).
These standards are described