A Multi-Layered Security Approach

April 10, 2012

The best security plan is a multi-layered one that creates circles of protection within one another, so that if one defense is penetrated, an intruder still has to get through more levels in order to do damage. Such an approach is called a defense-in-depth design.

Computer security should also be multi-layered, which means including more than one of the following:

  1. Physical security measures to keep intruders from gaining on-site access to workstations, servers and network components, and to keep portable computers from becoming available to unauthorized users.
  2. Firewalls at the Internet “edge” to protect computers on the LAN, and personal (host) firewall software to protect computers connected directly to the Internet.
  3. Intrusion detection / prevention systems to alert you to attempts to break into the computer or network.
  4. Passwords (and possibly card/token or biometric authentication) required to log on to computers and the network.
  5. Access controls (shared folder and file level permissions) for sensitive documents.
  6. Encryption for sensitive files and folders.
  7. IP Security (IPsec) to encrypt sensitive data as it traverses the network.
  8. Special security measures to protect wireless communications and remote access in general.
  9. Role-based access: job-related role-based access controls.
  10. Identity lifecycle management.

www.bestitdocuments.com