Daily Archive: August 11, 2009

By Daniel Gottilla

What Exactly Is Vulnerability Management?

Vulnerability management is a bit of an IT buzzword these days. Many companies use it to mean everything from specialized information security measures to standard IT support – with plenty of room for interpretation in between. This can be confusing for businesses that simply want to know what they can do to make their business run more effectively.

At its core, vulnerability management is simply a way to address IT weaknesses in all aspects of computers and communication. From finding and reviewing IT issues to preventing problems and repairing them once the damage is done, vulnerability management is a way to keep your business running safely and efficiently – no matter what’s happening out in the big, bad world.

Some of the primary components of vulnerability management include:

  • Security reviews, including penetration testing or other quantifiable issues
  • Prioritizing vulnerabilities based on the potential for danger as well as the feasibility of addressing them
  • Implementing solutions where needed
  • Strengthening areas that carry the potential for weaknesses later on
  • Regular reviews and updates
  • Employee training to ensure proper use of all information security measures
  • Company-wide policy and procedure creation
  • Capacity planning for expected (and unexpected) company growth
  • Disaster recovery planning and damage control in the event of a catastrophe
  • Ensuring compliance with federal and state information security codes

Of course, your business will dictate exactly how in-depth each of these categories is and how much time and money you’re willing to put into your information security network.

At the end of the day, vulnerability management is really just a way to safeguard the way you communicate and secure customer information. It doesn’t matter whether you serve one hundred clients or one million; your business is only as good as the IT network you have backing you up.