SECURITY

Barrington Services believes that a few simple security solutions will never create a truly safe computing environment. Rather, security should be treated as a philosophy within an organization and requires well thought-out and comprehensive methodologies to be continually successful. Barrington Services carefully examines and considers all phases of technical implementations and on going operations to build a security strategy that grows with the client and the ever-changing world landscape.

Barrington Services promises you the most immersive security educational experience you'll ever have. Intense instruction and collaborative learning, you'll learn exactly what you need to know on the core topics essential to your security success. Below are the subjects we cover in our comprehensive evaluation of your company and training.

What is computer security?

70% of all computer security related problems stem from human, rather than technical, factors. A small investment in worker education usually takes care of most of the human factors. The other 30% are the technical issues that involve setting up and monitoring the computer systems to insure that you know what is happening on your systems and can make informed decisions regarding any activity on your systems.

Your company policies and guidelines

What do you want in the area of computer security? Are your computers to be used for work-related activities only? Will computer game playing and browsing that isn’t work-related be prohibited? What access, if any, will be allowed from non-company sites into your computer system?

Social Engineering

As part of the worker education process, “horror stories” about the ways that intruders operate will be shared to reinforce your computer security policies.

Usernames and passwords for your company

Easily guessed usernames and weak passwords are an invitation to your system. There are simple ways that can be easily learned to eliminate the “need” for usernames and passwords to be written on sheets of paper and left for unauthorized users to take advantage of.

Data backup systems onsite and offsite

Part of keeping your business running is making sure your data is available when needed. Onsite backups speed the recovery process in the event of failures or intrusions. Offsite backups insure the integrity of your data in case of a natural or man-made disaster along with recovery from viruses, trojans, and other computer attacks.

Integrity management

The operating systems you use “should be” the ones you purchased. Verifying that the system programs haven't been tampered with is essential to maintaining control of your computer system. The programs that your company uses for it's daily business are also vulnerable and important to maintaining control of your system. Monitoring the status of these critical files is essential to keeping your system operating in your best interest.

Auditing and logging

When you have a record of activity on your system, you make better decisions regarding improvements, upgrades, policy changes, and legal actions. It's a sound business practice to decide in advance what level of record keeping is needed and put a system in place that will deliver the data when needed.

Programmed threats

Viruses and trojans are programs that invade systems and do things that the owners of the systems don't intend. Preventing these threats is an ongoing activity that is needed to keep your assets under your control.

Physical security

No system is secure if physical access isn’t controlled. Part of computer security is determining the level of physical security that is consistent with your business’ needs and implementing the physical controls needed to support that decision.

Modem security

Modems make an intruders life easy but are a necessary for many businesses. Evaluating the needs of your business and controlling who can access your system via modem can greatly reduce the other computer security impacts while allowing your business to function the way you need it to.

Firewalls

A firewall is designed to control access to and from your computer system. It is here that many of your security policies are put into practice so your workers use your equipment the way you want them to and intruders are prevented from using your assets in ways that are inconsistent with your business plan.

Wrappers and proxies

Occasionally there are unplanned weaknesses in programs that are needed for your system to operate. When they are identified; these tools are used to further reduce the dangers of compromise by adding additional layers of protection.

Discovering break-ins

Part of the “Auditing and Logging” and “Integrity Management” processes is knowledge of if a break-in has occurred. Quick notification leads to more effective containment of the intruder and will allow your business to continue with a minimum of disruption.

Legal issues

Having a legal strategy in place will shape the plans and procedures to be followed if an intrusion occurs. Considering the legal options need to be done “before” the security plan is written and put into place. This way, the plan is consistent with your business philosophy. Planning is essential for protecting your resources from unauthorized use.