Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

security for a accounting firm

what are the necessary steps need to be done for a accounting firm to be secured about the database and other things?

Why security control and privacy are so important for us?

Do you have any suggestions that we should do, such as firewall, vpn and personal side?

Please reply, thank you

Community Member

Re: security for a accounting firm

To say the least, the questions you ask are really broad in scope.

I perfer to look at security as a person-problem first, and then evaluate the appropriate

technologies only after the fact. You are probably better off getting any number

of really good security books first off. In general, you should do the following:

1. Identify what it is you're trying to protect

2. Identify who you are trying to protect it from

3. Create the appropriate policies (this is important) that

enable you to go forward

4. Design your security architecture

5. Deploy and TEST your architecture

6. Monitor and maintain your architecture

7. Respond to incidents as they occur, in compliance with the

relevant security policies you've created and law enforcement, as needed.

8. Use lessons you learn along the way to continue to evolve your security.

It's important to note that just buying product does not make a secure environment.

You've got to have a willingness to look somewhat sideways at your network, to see

it as an attacker would.

For security people, the two most important things (after budget, that is) are:

1. Training, training, training

2. Management buy-in and support.

Hope this helps.


CreatePlease to create content