Wednesday, January 30, 2008

A Secure Enterprise is Also a Well Managed One!




I’m dying to get into the meat of Security 2.0 but before I go there I think we need to talk about how the foundation of good IT management links to Security 2.0, or what I will call good Infrastructure Hygiene.

The reason that this discussion is relevant to Security 2.0 is that without a good foundation in our IT's infrastructure we cannot completely solve the data leakage problem**.

** Data leakage is the current buzz name for data that leaves the enterprise in an unmanaged manner.




So let’s talk about the infrastructure elements of Security 2.0. By infrastructure I mean the underpinning, or better yet, underbelly of IT's operation. IE: the technology that information uses to move throughout and in and out of the enterprise.

Three dimensions of infrastructure hygiene come to mind:
  • Systems Management
  • Storage Management
  • Security Management
The need for this Trillium seems pretty remedial to some of us because these are the technologies and process that we have been working to put in place all our career.

So why even mention it and what does this have to do with Security 2.0?
Answer: A well managed enterprise is a also a secure one!
Try this logic...

  • For security technology to know what is going on at an end node, a sensor must be placed there.
  • For the sensor to get there a method of deploying and keeping the sensor at the end node must be active.
  • If anything happens to the endnote it must be able to be quickly restored to a known configuration.
  • If the end node is not configured properly it must not be allowed to connect to the data sources.

Security systems that have no sensors [eyes] are blind. Therefore something in the Security 2.0 architecture must provide and manage those eyes [sensors] if the security system is not to be blind to data breaches.

In this context the Trillium of IT technologies must operate in concert with each other if we have any chance to plug Data Leaks.

No comments: