Why Do You Think it

Why do you think it is difficult to get management to allocate money to pay for patching?

Many company senior managers, including company owners and Chief Executive Officers (CEOs) see patches to applications and operating systems as part of the minimum level of service any software company should provide as part of their purchase price. This is especially true in the area of larger, enterprise-class applications where companies pay a percentage of the cost of their applications every year for service and support. Yet companies like Oracle continue to charge for patches and updates to their database and many other applications. The logic is that if a software operating system or application is not fully functional when first purchases, a customer should not have to pay for a patch to make it work. Many companies are moving to open source software as a result of this cost. Why do you think most national governments have not moved to outlaw spam? For European governments they are slow to move to outlaw SPAM because of the fear they will somehow limit a person's civil liberties. For other nations, SPAM is not seen as part of a legal offense; this is specifically the case in several nations throughout Africa for example. There are also those nations so hungry for economic growth that they embrace any type of commerce activity, and this has been the case in China for example, which does not police against spamming. The U.S. government on the other hand has been aggressive about prosecuting spammers and sending them to prison. You are a fairly small company: a) Should you use a firewall? Yes, most definitely, as any hacker could get to your company's record, even spoof your e-mail addresses and send SPAM or other e-mails using your company's identity. b) Should you use antivirus systems? Yes, as any small business will have spent a large percentage of their total budgets on PCs and laptops, and a virus could make these assets inoperable fast. Anti-virus will save e-mail systems, the company network, and ultimately hundreds of hours of lost time. c) Should you use and intrusion-detection system? Yes and many firewalls now include this feature specifically to track and block anyone who tries unsuccessfully to break into a company network via a website, FTP link, or any other approach to gaining access to a company's systems.