The responsibilities of an IT security consultant can vary widely depending on the project, however, those responsibilities can usually be broken down into a couple distinct categories.
The first distinction is working on external security or internal security.
External security would encompass everything related to securing the physical building where the organization is located to preventing hacks from outside parties. The consultant would assess the level of security to understand how easy it would be for someone to physically steal a server or other infrastructure from the organization.
Once the building is secure, the IT security consultant would turn their attention to the internal security of the organization. And as analyst Rich Mogull warned, “Corporate networks are like candy bars: hard on the outside, soft and chewy on the inside.”
There have been a number of studies that have found that close to 70% of all security breaches are due to people inside the organization.
For securing the internal network of the company the IT consultant has a number of tools at his disposal:
IDS & IPS- Intrusion detection systems and Intrusion Prevention Systems.
These tools are able to monitor the networks, server, and work stations to check for threats. It checks for brute force attacks as well as virus packets.
When the system detects a problem it blocks the activity and then notifies you of the problem.
The real benefit of a Intrusion detection or Intrusion Prevention system is that the vendors that provide these software services are constantly updating their algorithm to keep abreast with the latest trends and can stay ahead of threats.
SSLVPN- Secure Socket Layer Virtual Private Network
The name is complicated but the idea is simple. an SSLVPN is like a secure connection between two endpoints.
And example of this would be an organization that stores all of their data at the corporate office servers but their branch offices need to access the data. In order to keep that data safe when its transmitted from the corporate office to the branch office, a SSLVPN would be set up so that nobody could intercept the information along the way.
Firewalls used to be something you could set up and forget about. Unfortunately that’s not the case anymore. There is physical hardware that gets setup but the power is in the subscription updates of the firewall service. Similar to IDS & IPS, staying ahead of the trends is critical for your organizations security.
Firewalls can be thought of like the moat and walls around the a castle. Its the first line of defense again any attackers and its always best to stop them before they make it inside the castle walls.
Where many organizations have problems is that they assume that just because they have antivirus software setup that they’re safe. A good firewall will prevent many viruses from ever making it to the system so it becomes a double layer of protection.
As you can see, there are a wide variety of areas that an IT security consultant may focus.
The important thing to remember is that no company is going to be 100% secure from day one BUT by establishing a benchmark, the company can easily evaluate their improvement overtime.