Your security infrastructure is a dynamic blend of technology, procedures and people, all working in sync.
Security is essential. No one disputes that. You could take it to the absolute logical extreme and give your customers a pat down like the TSA when they enter your company’s front doors. You could unplug all the computers throughout your network from the Internet so there’s zero threat of getting hacked or contracting a virus or some form of malware. You could also get ready to go out of business, because that’s what would happen.
To operate as an organization, you must be open to your customers and open to the world. That’s what makes arriving at that delicate balance of security and openness such a profound challenge. Secure too tightly and you’ll lock out business. Leave the gates open and you’ll invite malware and malcontents.
Finding that balance and blending the right security elements is as much about your people and processes as it is about technology. You absolutely need technology elements such as a firewall, antivirus software, and identity management and access controls. These days, your organization’s security infrastructure is likely to be fairly complex. You’re not only locking down your desktop and laptop systems, but also any mobile devices you allow on your network. Then there’s moving to the cloud and all the security issues that entails. While moving data to the cloud can indeed increase your security posture, it brings up numerous questions about data access, control and ownership, as Vic Winkler points out in his article, “ Privacy, confidentiality and the cloud.”
Those technological marvels that make up the security blanket wrapped around your organization are only as good as the people operating them. As you fine-tune your security infrastructure, make sure your staff is completely up to speed and on board with your security processes. Even the strongest gate won’t keep out the wolves if a shy little pig leaves it open.
Many elements combine to make your business. There’s technology, security procedures and, most important, the people that keep your business running smoothly. These are all essential ingredients to maintaining an open and interactive enterprise, but one in which sensitive data that needs to remain secure is indeed secure.
How have you managed security operations at your organization? Is your security infrastructure fairly traditional, or have you employed some cutting-edge technologies and tactics? Have you arrived at the right balance for your organization? Have you had any security breaches you can discuss? Sign up for our LinkedIn group, send us an e-mail at email@example.com or e-mail me directly.
Lafe Low is the editor in chief of TechNet Magazine. A veteran technology journalist, he’s also the former executive editor of 1105 Media’s Redmond magazine.