tailieunhanh - Computer and Network Security: Questions Everyone Should Ask

However, in many multi-building installations where a central control capability is de- sired, or where there is some outlying equipment to monitor, it is more and more com- mon to connect the separate BCS networks using existing cables and IP protocol. This connection may be entirely confined behind a corporate firewall, but more likely includes the public Internet . How are such network connections secured? If they are secured, it is most commonly done by using virtual private networking (VPN) technology from build- ing firewall to building firewall across the Internet . A router implementing this technol- ogy takes BCS traffic at one end-node,. | Libraries Computing Technology Computer and Network Security Questions Everyone Should Ask A guide for discussion among business administrators and their information technology staff LIBRARIES COMPUTING TECHNOLOGY MICHIGAN STATE UNIVERSITY Last Revised March 31 2005 Computer andJNetwork Security Questions Everyone Should Ask Computer and Network Security Questions Everyone Should Ask A guide for discussion among business administrators and their information technology staff Overview Today virtually every business function at the university involves use of information technology. We use computers to store and retrieve records and we conduct online transactions over building campus and Internet network connections. Information technology yields great efficiencies and analytical power it also imposes the responsibility to manage information securely and in many cases confidentially. This report provides a checklist to use in evaluating whether a unit is adhering to best practices in computer security and data confidentiality. Security experts advise that computer security is an ongoing process not a single safeguard or product. Rather computer security is achieved through an ongoing process of assessing risks managing risks and monitoring the effectiveness of risk mitigation techniques. In today s world security requires constant vigilance. Page 2 Computer and Network Security Questions Everyone Should Ask Scope of this Document This document provides a guide for discussions among computer support staff and management. Computer security is a complex subject area to which many books and journal articles have been devoted. Computer security also involves the processes used to plan acquire and implement technology as well as the management processes for authorizing and approving business transactions. Therefore this document cannot be considered comprehensive. Instead it is a starting point for discussion. Consult the computer security resources listed at the end of this