CDR-DATA

Telecom Tips

Volume 3 Issue 1

Fall 2001


How secure is your IT infrastructure and what you can do to keep it secure and backed up?…….

        

          Inside this issue:
If you are like most businesses with 50 to 200 employees your organization’s IT infrastructure has probably evolved drastically from when it was first implemented. How confident are you that the security for your information systems has evolved also. Most companies today treat security as one of those tasks that HAVE to be done to satisfy a GAP (General Accounting Practice) requirement rather than a real threat that should be reviewed, analyzed and updated on a regular basis. Unfortunately there are BILLIONS of dollars lost each year due to these attacks with an average cost of $30,000.00 per security breech. Here are some questions you should be able to answer as you begin controlling your IT security.

What do you have and how it is used?

What databases or other stores of information are available to your employees, clients or vendors? Which systems hold what information? Have you moved to an Internet access process but left the dial up access lines in place? What type of firewall protection do you have? When was the last time you or your IT team checked the web sites or newsletters of the packaged software applications you own to review if there have been security breaches found in these applications and patches developed and distributed?

Do you have access restrictions?

All the major database applications and operating systems allow for tiered authority and capability. You do not want to assign the same user password and capability to an entry-level clerk as you would to a senior executive or IT professional. Thoroughly review what tools are required for each job description and give the employee only the capability needed. When an employee leaves, part of the exit process should include the removal of their user name and password from the systems they had access to. On a regular basis review all your systems to ensure that only existing authorized personnel have access.

 

Do you monitor users usage and access?

What files do your users access? How long are they on for? What times do they access the system? Do they access the system from outside your locations? You can begin to develop a benchmark to determine the average usage and scan for aberrations. What do you do if there are exceptions? What ever you need to do should be agreed upon by all departments and written in the company procedure manual.

How is your data backed up?

Many companies ignore this problem until it is too late. Backups should consist of a complete (every file on the system and the operating system) backup weekly and a partial (any files added or modified since the last complete backup ) . The second most current set of full backup files should be stored off site in a safe or fireproof vault. As part of your security audit take a look around and see if any department has added a LAN or intranet that does not belong to your back up process.

By working to answer the above questions you will either find some holes that need to be filled in your IT security or you may find that you are in pretty good shape. If the latter is the case congratulations but do not let down your guard. As a security expert from ATT once said “Its not what do I do if I get hit, but what do I do when I get hit”.

For more information on computer security you can go to www.gocsi.com for the Computer Security Institute.

American Office Centers announcement

2

 

Tips on secure systems

1

 

 

Telecom trade shows

1

 

Telecom Trade Shows:

ALTS business conference
Washington DC
Nov 28-30

www.alts.org

SCTNA
Long Beach CA
Dec 3

www.sctna.com

Helpful Web Sites:

North American Numbering Plan Association

www.nanpa.com

California Public Utilities Commission

www.cpuc.ca.gov

RBOC standards and Documents

www.telcordia.com

Telcom recourses

www.teleconnect.com

 

 

CDR-Data Corporation adds Verizon wireless to its list of hundreds of call record formats! If you wish to have a combined report that shows all your wireline and wireless traffic please call us at 626.791.9700.

 

Go to Page 2