Simplifying security

Companies should take a more holistic approach to system security says Fortinet

July 15, 2009

Companies should take a more holistic approach to system security says Fortinet

System security is a constantly evolving science, as threats are always adapting and finding new ways to attack corporate networks.

“The amount of security risk that organisations are exposed to on a daily basis has increased to such a level that a traditional single point product is not enough. The complexities of multiple applications and protocols have highlighted the need to be able to do more with security solutions, and the development of polymorphic viruses means that complexity is once more increased, as threats can now adapt and impact applications differently,” says Tinus van Rensburg, Systems Engineer at Fortinet, a multi-threat security system vendor.

However, due to historical implementations of security products, there is now a need for companies to manage multiple solutions and reports.

“One approach proven to successfully reduce complexity is to consolidate disparate security solutions into a comprehensive solution that incorporates threat protection with management and analysis tools enhancing the efficacy of the solution and reducing risk,” says Amy Thomas, Fortinet Product Manager at Zycko, an official distributor of Fortinet solutions.

The first step when simplifying and consolidating security and security management is not to make tradeoffs on the level of security itself. By examining the need for consolidation and a streamlined process to manage security, management will be made far simpler.

“Whether the business adopts a single management console or a console that can manage multiple solutions from multiple vendors, there is definitely a need to be able to centrally control their security systems,” adds van Rensburg.

Not only does this streamline processes, it also makes management easier, for example when an employee resigns and access needs to be removed, this can be done from a central point instead of having to remove the information situated at multiple points that reside within the security architecture.