Raising the issue of system audits, it is common for people inside a business to consider one of two key topics – online precautions or internal business protocols. However, the truth is that these two areas have a much closer relationship than may be immediately apparent.While internal policies help managers to control how sensitive information is stored, transmitted and processed, these rules and regulations do not directly protect the firm from dedicated external threats. Conversely, the deployment of a firewall, antivirus software and spam filters can provide a good level of protection from probing attacks, but do little to reduce the impact of a breach should it occur.
This is why specialist security audit firms suggest that a two-pronged approach be taken when the decision is made to review an enterprise’s defences – as a comprehensive review will deliver more of an insight into potential problems than a piecemeal plan. A sound report will allow managers and IT specialists to begin collating a defensive strategy that covers all the bases – not just external threats or internal processes