Internal Response

Internal Incident Response Teams are your teams. The people and staff that you hire to perform full time, internal incidence response. There are many advantages of having your own people on hand to perform security duties, such as incidence response.

1. You can have dedicated personnel that support the main organizational body and sub agencies. They follow your specific policies and procedures.
2. They are trusted authority in your organization and possess authorization to manage incidence. They maintain information for systems administrators.
3. They are a focal point for organizational purchases of security hardware and software while supporting it on site This is especially helpful with constant updates to virus definitions or security patches.
4. This team can provide constant input for policy and procedural improvements thus constantly sharpening the ability of the organization as a whole in incident responses.

Disadvantages of a Internal resource are as follows.

1. Internal teams are focused on the organization almost to the fault of not seeing trends in the security posture of the world outside. Keeping up with security information is difficult.
2. The big limiting factor of an Internal resource is funding. A specific Internal Incidence Response Team is not unheard of, but most organizations cross their system administrators into the team when a problem arises. This can be plagued with resource issues, staff familiarity, and levels of training and experience problems.