Security guru Bruce Schneier once said that "Information and Communication Security is a process, not a product". So true.
Buying a firewall and hoping to be left alone is not enough. The knowledge of computer crimes is generally low in todays connected businesses,
and they are connected to a network that was designed with no thought of security whatsoever. Every company has their own computer system
configurations, accompanied with specific security needs. These needs have to be looked upon in a unique manner.
Todays security solutions are add-ons that were pasted onto the systems as the security flaws became apparent.
In such environments it is crucial to manage and review the information security needs on a continuous basis. Companies grow and new
parts are added to the system, parts that could contain potential security breaches that, in interaction with the rest of the system, could
open new security holes. The security process has to be continuously reviewed, as the landscape for information security is constantly changing.
There's no such thing as an easy security solution. If you obtained an off-the-shelf solution, you are most certainly already exposed
to threat, and not aware that you could be in trouble.