When IT security costs are cut, which security product is a must?

Having trouble finding the right security product when budgets are tight? Expert Peter Wood explains which particular guidelines can help you find the appropriate technologies for your organization.

With IT security costs being cut and threats increasing, what would be the best single product/device investment for a corporate network to increase security?
This is impossible to answer without knowing more about what business you are in, your existing network infrastructure, your existing security controls and so on.

Therefore, instead I'll recommend that you buy a copy of ISO/IEC 27002:2005 -- the Code of Practice for Information Security -- and use this as a checklist to determine what is missing and what you need to do.

This document of information security guidelines and general principles has been invaluable to me to help clients determine their existing security posture and prioritise their planning. The Code of Practice is available to purchase from BSI.
This was last published in May 2009

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...