So who is supposed to be working on this problem of managing the data that we give up?
The government: Government standards of compliance abound in an attempt to control the flow of our sensitive information and there are stiff penalties for non compliance. But is this the solution or the symptom?
The owner of the data: Sure we can try to protect ourselves by not giving up information. Come on, its impractical to expect people to abstain from participating in a society drawn to the social and business benefits of the Cyberframe.
Information technology architecture: Perhaps the real solution lies at the feet of the IT architectures and infrastructures that WEB connected companies employ?
Simply put, we've improved the movement and sharing of data but we haven't correspondingly improved our ability to manage access to it.When you think at the core of this problem its more about seeing security in a brand new light. This new form of thinking is more about protecting the sensitive information that is hosted in the Cyberframe than it is about protecting the infrastructure itself.
Don't read me wrong, this new security thinking does not ignore the hygiene that is brought to us by the ANTI-technologies [anti-virus, anti-spam etc], it does not ignore the need to backup data and it does not obviate the need to manage the configuration of the end node. This new thinking is a 2.0 type of perspective that matches the needs of the Web 2.0 world, I guess its Security 2.0. thinking!
In the next post we will start to dig into the how our IT infrastructure has to change to meet the needs of managing sensitive information. We will march through this problem in an organized and systematic way.
Have a great weekend, its snowing here :)
Don on data!