Introduction
First of all, it is necessary to mention that network security is regarded to be a rather complicated issue, which can be originally managed and controlled only by experienced IT specialists. Still, with the increase of internet mobility and accessibility, and with the essential increase of wired and wireless communication users, people are obliged to know at least the basics of network security. Despite the fact, that the main actions, aimed at improving the security level, will be performed by the system administrator of the PC network, all the users are obliged to do everything possible to prevent virus or hacking attacks, as well as information and data leakage.
Security Improvement
To begin with, it should be stated that the concepts of network security and information security are similar, and they are often used interchangeably. Still, there is a difference in approaches: network security is the defense from the outside attacks (e.g. black hat hackers, script kiddies, etc.), and information security presupposes the inward defense (negligence of users, data loss, mistakes made by users, etc). Dean (2005) in her guide states the following: “One response to this insider threat in network security is to compartmentalize large networks so that an employee would have to cross an internal boundary and be authenticated when they try to access privileged information. Information security is explicitly concerned with all aspects of protecting information resources, including network security and DLP.”
Taking into account, that the upgrade of security system is the project, that should be properly managed, it is necessary to emphasize, that the actions that should be performed for upgrading the security level of the IT network should be the following:
- A strong firewall and proxy should be adjusted for keeping unwanted people out.
- A strong Antivirus software package and Internet Security Software package are the most important part of the security mechanism.
- All the users (employees) should use strong passwords and change them regularly.
- If a wireless connection is used, there is a strong necessity to use a complicated password.
- Physical security actions should be undertaken to restrict access to the material part of the IT network.
- Prepare a network analyzer or network monitor and use it when needed.
- Implement physical security management like closed-circuit television for entry areas and restricted zones.
- Security fencing to mark the company’s perimeter.
- Fire extinguishers for fire-sensitive areas like server rooms and security rooms.
- Security guards can help to maximize security (Flynn & Kahn, 2003).
From this point of view, it should be stated that project management techniques would be rather helpful for incorporating this project. Originally, the enlisted actions and recommendations will be helpful only if they are properly planned, and the whole personnel of the company take it seriously, putting aside any representation of negligence.
Conclusion
Finally, it is necessary to mention that project management of security improvement techniques should be divided into two parts: network security and information security. All the actions, directed towards granting security should not touch the working process of the personnel, still, their interests should be completely ignored, as confidential information is much more expensive.
References
- Dean, T. (2005) “Network+ Guide to Networks” Course Technology publishing
- Flynn, N., & Kahn, R. (2003). E-Mail Rules: A Business Guide to Managing Policies, Security, and Legal Issues for E-Mail and Digital Communications. New York: AMACOM