• Attempts to Gain Access through Existing Accounts
• Failed File or Resource Access Attempts
• Unauthorized Changes to Users,Groups and Services
• Systems Most Vulnerable to Attack
• Suspicious or Unauthorized Network Traffic Patterns

While information security has became the most important aspect for any form of business process, the mushrooming of vendors in the space of security management tools has also became a noticeable aspect. Even in today’s financially tough phase, security infrastructure is one such priority of users that has shown resistance.

 There are certain security tools which security managers have patronized over a past couple of years. Among them UTM appliance is one. Factors like low cost of UTM solution coupled with the ease of deployment make it more popular among the SMBs.

 While UTM vendors claim that it takes off the pain of managing security by controlling multiple security tools like firewalls, spam filtering, etc, there are a few security managers who are not happy with the performance aspect of this swiss-knife approach to security. The only reason for such an experience is their lack of planning and weak pre-deployment process of the UTM appliance. To avoid this kind of experience, security managers should take a systematic approach while shopping around for an UTM. This systematic approach entails a complete understanding of what these solutions can do and what they actually want from their UTM. This sounds very easy, but if ignored, it could change the entire deployment experience.

 Network security is no longer just about keeping viruses, worms and other threats at bay. In an era of highly complex and blended threats, organisations have a very short window of time to respond to threats before it bring down network, leak critical data and tarnish the reputation beyond repair. Therefore, the decision to deploy an UTM should be well informed and thought out.

So what should you be really looking for while deploying an UTM for your infrastructure? To start with, security managers should look at getting a complete integrated solution that should have firewall, VPN, gateway anti-virus and anti-spyware, gateway anti-spam, intrusion prevention system, content filtering, as well as bandwidth management and multiple link management – all over a single platform. Organisations can choose and zero in on the best productivity and security features that match their needs.

 In a scenario where mainly threats are from internal than external, centralized reporting and management also become vital features that security administrators should look for in an UTM solution. Organisations with branch offices and remote locations need to maintain the same levels of security in these locations as the central office. While the threats faced by these locations are at the same level as the central office, organizations need to maintain high security while keeping expenses under control.

 The standard advice is to choose a UTM solution that meets your security needs. There is a raft of solutions in the market that claims to defend against a variety of threats. It becomes essential for enterprises to judge “Critical Impact Value” of a particular threat and the corresponding ROI from the appliance. However, that will differ from organisation to organisation as there are significant differences between verticals in terms of business pain points and drivers and concerns for deployment in a particular security. For example in educational institutes the UTM suite of features must include the Content filtering which effectively fulfils the need to shield young minds from viewing unwarranted and malafide content on the net. Similarly, for segments like government and defence there is a pressing need to protect sensitive data and the inclusion of IDP is in the feature suite is a must.

 While talking of these many points, getting proper post sales support from the vendor is also very critical for a successful deployment. Yes, in the UTM deployment there is a need to check vendor credibility over the issue of a support as well because security devoid of good support is bad choice. The vendor support system should be able to rapidly scale its support capabilities in step with the growth of their customer base. Only then customer satisfaction and responsiveness will be effectively addressed and by reducing business impact due to incidents through quick resolution time.

Strategy and budgets are two key topics that came up during my various conversations with CIO's from across the MEA region in the past 12-15 months. While most enterprises have not changed their 'overall' plan as a result of the crisis, alignment of IT and business seems to be the dominant strategy.

This said, there is a strong focus on cost cutting and short-term 'wins' - however this is not their main strategy. Organisations are demanding strong and well-documented business cases for their IT solutions, and are also taking the businesses' need for adaptability and flexibility plus business process efficiency as the starting point for discussions about how IT can enable this agenda before deciding on investments.

ICT providers therefore will need to strike the balance between adding value to clients by helping to create flexibility and agility in IT and business, while providing strong business outcomes, and providing short-term cost reductions through efficiency gains.

The importance of business and IT alignment has never been greater. Although the economy is expected to recover in 2010, the need for organizations to continue evolving products and services while improving operating efficiency will remain a central leadership challenge. For IT leaders, the ability to rapidly correlate IT project spending with critical business priorities is essential. The trouble with most technology adoption plans is that they do not indicate what the business value is, and what strategic or tactical business benefit the organization is planning to achieve. The simple matter is that your IT plan needs to have a strong business metric, not only an IT related metric that examines delivery of application in isolation.

While IT-business alignment may in the future be the natural state in which we operate, it doesn't mean that it's easy to achieve. Being close to the business means being close to your customer, and this is critically important to being able to deliver what the company needs. This happens in big ways, like having yearly IT strategic plans approved by a board of business leaders; and it happens in small ways, like having each IT person sit close to the business teams he works with on a day-to-day basis. This enables IT colleagues at every level to be conversant in the explicitly stated needs of the business and to have insights into latent or unstated needs as well. Furthermore, being able to explain how and where IT is adding value is a critical but frequently under appreciated skill.

IDC believes that IT will have to reorganize in the coming years, as:

• - IT performance will increasingly be tied to business performance
• - Infrastructure money will come from consolidation
• - New project money will come from business payback
• - IT and business department boundaries will become porous

Security isn't a Band-Aid, a patch that can be casually applied to fix a specific problem. For an organization to be fully secure in its IT systems and processes, security must become an integral cultural element, a quality instilled into every part of an organization - including its employees.

The first step toward building an enterprise-wide culture of security is to understand that security begins at the top, with executive management. At Cisco Systems Inc., for example, security starts with CEO John Chambers, who lends his name and rank to security initiatives and follows the same security practices and procedures as all other employees.

Top Gun

Security is much too important of a concept to be treated at the departmental level or placed into the hands of an indecisive committee. To ensure that security measures are implemented and maintained, a single person must be placed in charge of security programs.

Many organizations, including Cisco, General Motors Corp. and Amazon.com, have a CSO (chief security officer) or a CISO (chief information security officer), whose primary job is to ensure that IT security initiatives are launched and completed and that no portion of the enterprise is left vulnerable to internal or external threats.

Training and Talking

A training program is vital for creating and maintaining corporate security. Training materials come in many different forms, including brochures, newsletters, emails, seminars, Webinars and videos. Companies that strive to drive security into their culture use a variety of approaches. Offering an array of education tools will make it virtually impossible for employees to escape the company's security message.

Security information also has to be easily accessible. Starbucks Corp., for example, has built an electronic-policy library that's designed to help employees know how protect company systems and data. Employees are encouraged to use the system to find information on topics ranging from email practices to data encryption.

Communication is also crucial tool for creating a successful security culture. It's most important to make security relevant to all employees. No one likes to take extra, time-consuming steps just because it's "company policy." Managers must take the time to explain why certain practices are required, answer employees' questions, and seek support in implementing and updating security policies.

Good communication also means targeting security messages. While many security instructions and warnings can be applied enterprise-wide, some departments require special treatment -such as reminding traveling employees how to secure their laptops. When used on bulletin boards and in company publications, catchphrases are useful tools for reinforcing a security culture. At Cisco, for instance, employees are urged to "Keep Cisco Secure" and "Be a Security Champion."

To drive home security's importance, managers need to establish a rewards and recognition program. At Cisco, employees who make a significant contribution to enterprise security are rewarded with a plaque and cash. The company also gives away "Security Champion" T-shirts to employees who have made lesser contributions to the company's security. All winning employees are publicly recognized at mandatory company meetings.

Staying Loose

An enterprise security culture must be flexible in order to accommodate new technologies and emerging threats. Security policies should also be periodically reassessed to make certain they are keeping pace with ongoing trends and enterprise growth and to ensure that current practices aren't impeding productivity. Additionally, all employees should be urged to think creatively and to contribute in whatever way they can to the organization's security strategy and policies.

At that point, you can be sure that security is truly an integral part of your enterprise's culture.