The job of securing your company’s networks, endpoints, desktops, mobile devices, storage, cloud efforts and everything else can seem overwhelming at times.
Whether it falls under the auspices of IT or is a discrete security function, the responsibility for locking down the technology and policies for any modern organization is a colossal task. Security has grown into far more of a job than simply installing a firewall and making sure everyone is using a sufficiently strong password.
The network perimeter has grown and continues to grow around the corner, across the country and even across the globe. There are desktops, servers, laptops, netbooks, smartphones … every access point and endpoint are potential vulnerabilities. Ultimately, you want to lock down your organization without locking your employees out. It’s a delicate balance. This month, we’re looking at both endpoint security and security at the good ol’ desktop level.
How do you handle security at your organization? Is it the responsibility of IT? Is there a separate IT security function? Does your organization have a chief security officer or chief information security officer? If so, what does their role look like? Do you combine the jobs of information security and physical security? I had the good fortune of working with Bill Boni, who was the first corporate security officer of Motorola, in charge of both digital and physical security. If ever there was a doctrine of how to do it right, it was the policies and processes he put in place.
There are good ways—and not-so-good ways—to handle security, but there isn’t one, single manual you can follow. What works for your organization might not work for another. It’s an ever-changing landscape in which you have to stay on top of not only the right technologies, but also the right policies and practices. Security is just as much people and policies as it is the right technology deployed in the right manner. And that’s what makes it so tricky.
The airwaves have been relatively silent the last few months. Let us know how we’re doing. Are we providing the right mix of coverage? Is there anything you’d like to see more of—or less of? Any time you have comments about the content on TechNet Magazine, please send us your feedback. Join our LinkedIn group, send us an e-mail at firstname.lastname@example.org or e-mail me. We want to hear from you, and hear about your day-to-day life as an IT manager.