Securing academic labs with OS X server, clients

Computerworld - In a series of articles written by Yuval Kossovsky, manager of digital media systems at Hunter College's Department of Film and Media Studies in New York, Computerworld is following the school's integration of new Apple Computer Inc. hardware and software. This is the sixth of those articles, which offer a hands-on view of integrating Macintosh computers and Apple software in what's largely an Intel and Windows world.

Security is justifiably a hot topic these days, and in this article I will touch upon several areas to consider in your environment that will simplify the process of securing your desktops, servers, networks and the data -- which will ultimately lead to securing your employment!
Security is more than locking down systems to weather a hacker attack, so much more that in many circles it's no longer referred to as data security but as information assurance. It is the art and science of enabling daily operations to occur in the most efficient manner that still allows quick recovery from major breakdowns and other failures.
In many companies today, this system of operations is referred to as a disaster recovery plan. I think this is a misnomer, because a disaster is only the worst-case scenario and the type of situation an organization is least likely to face -- and a disaster recovery plan doesn't encompass other incidents and events that are more likely to transpire. So if a plan only considers disasters, a company could be left unprotected.
A better approach is to develop a full security plan using these main steps: inspection, protection, detection, reaction and reflection.
To have a security plan, IT managers must first understand what it is they are securing and the value to the organization of the asset they're protecting. It's important to recognize that while some standard measurements apply in all environments, asset valuation is highly subjective. That's the purpose behind the inspection phase: to identify all of the company's assets, various attacks and outcomes, and the potential cost if that asset -- be it desktop, server, network or data -- becomes unavailable.
Once you've identified the asset value, determining how much to spend on protection is simple arithmetic. Here's an example: You have a server that holds the work of 400 students per semester. Each student pays $1,000 in tuition. If the data is lost just before final exams, the classes cannot be completed, and tuition must be refunded. Therefore, even a $7,000 tape backup device that initially seemed expensive is a bargain compared with the