Security monitoring activities help protect a business from threats within the company, as well as from external threats. Internal security activities focus on employees and employee safety, as well as the computer network and protecting the company’s information. Internal security also protects from internal threats such as those presented by an unscrupulous employee. External security activities focus on the physical security of the facility or building, as well as measures to protect the business from intrusion, either physical or through the computer network.
Network monitoring encompasses performance as well as security monitoring. Performance monitoring is used to create data regarding network performance, as well as the typical behaviors of people working on the network. This could be used to determine how much time employees spend on non-work sites like email accounts and social networking, as well as create an outline of improvement needs for the security system. Network monitoring data is combined with other types of security monitoring to assess and improve security.
Penetration testing is a method of finding gaps in network security. Certified ethical hackers or other information-security specialists conduct penetration tests, usually from outside the network, although sometimes from inside, as well. The external penetration testing is often done blindly, without knowledge of the network security measures and monitoring that are in place. If the external penetration testing breaches the network, this also provides an idea of how effective and efficient security measures are in the event of a breach. Internal penetration testing usually includes knowledge of the internal security measures; testers may try breaching the network from employee computers or other methods to assess potential gaps to internal security. Those who monitor the network would also be tested to assess their responses to such a security breach.
Physical Security and Monitoring
Physical security includes surveillance cameras and alarm systems, as well as guards. Guards on duty may patrol the facility as a means of monitoring the grounds, while cameras offer constant monitoring of the internal — and often external — facility. External monitoring may include cameras in parking garages or guard shacks, with guards on duty 24 hours a day. Internal monitoring often includes cameras, and may also include integrated alarm systems, such as fire and carbon monoxide detectors.
Incident Reports and Statistics
In the event of a security breach — even if the breach is found to be a false alarm — security procedures in place require security personnel to report the incident. The reports include a clear explanation of what happened, when it happened, how security responded to the incident, what security discovered and how the matter was resolved. This is common for security monitoring networks, as well as physical security, and it provides the company with statistical data to use to improve security procedures and efficiency.