- 10 open source companies to watch
- Mythbuster busts his own tale
- $208 million petascale computer gets green light
- Sony recalls 73,000 Vaio laptops
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
With roughly 250,000 residents, Virginia’s Arlington County is one of the smallest in the country. The county government prides itself on creating a supportive, family atmosphere for its 3,500 employees, a few hundred of which work remotely. But when it comes to cyberthreats, Chief Information Security Officer David Jordan lays down some strict house rules.
“We work really hard to educate our employees . . . to make them feel responsible about the cybersecurity piece of their job,” says Jordan, whether those employees work in a government office, telecommute, or are out in the field issuing permits or inspecting fire codes with their laptop in hand. Jordan personally meets with every new hire during the training process to make individuals aware of Internet threats and the county’s security policies, outlining rules about Web and e-mail usage. Ongoing awareness-raising includes initiatives such as contributions from the IT department to the weekly employee newsletters about the latest e-mail scam or fraudulent Web site.
But when it comes to securing remote employees, it takes more than awareness. The county has layered a number of technologies in order to secure the endpoints, installing Symantec’s Client Security on government-issued computers that offers virus, spyware, and intrusion protection as well as personal firewall features. The computers are physically protected by Absolute Software’s Computrace – “the LoJack of computer hardware” says Jordan, which lets the county trace the location of a computer. In addition, the county secures network access with firewalls and uses SSL for authentication.
While Jordan believes these technologies combined create “a robust remote extension facility,” there’s more to be done, such as adding layers of protection to the information stored in the county’s databases. Such is the case with most organizations trying to secure their remote workers --there’s always room for improvement.
“A lot of organizations still believe that a security strategy is antivirus, and that simply doesn’t work anymore,” says Natalie Lambert, senior analyst at Forrester Research.
“Now attacks are nefarious, extracting corporate information, and there’s a lot of organized crime and going after competitors . . . attacks these days are very targeted.”

Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...

Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...

We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment