The management of security updates, critical server patches, anti-virus software and backup management are critical tasks in the proactive security management of information technology assets.
Unless your organization is proactively managing these critical elements the security of your information is at risk. Server and desktop management must be supported by structured operational plans. Weekly server updates to patch OS deficiencies, security vulnerabilities or otherwise performance or availability related, need to be applied. Additionally application updates also need to be applied on a regular basis to ensure the best application performance, availability, and security. These same actions need to also be administered at the desktop as many security exploits are launched against desktops so proper patch management is critical.
While anti-virus and regular updates are a must some custom viruses operate outside of addressable memory and many go undetected. It is therefore critical that comprehensive security suites be utilized that identify anomalous network or application activity which may have been a result of defeated anti-virus software.
Another critical activity to mange the security of information is a comprehensive backup management program. This not only includes a full and incremental backups but ongoing tape rotation to secure facilities and regular testing to restore data from backup media. Testing restore capabilities to ensure viable backups will pay many dividends when lost data needs to be recovered.
While information security programs go far beyond these simple practices outlined pragmatic management of security updates, patches, data backup and restore capabilities are a critical component to ensure the security of your data.