The maturity of an organization will often exemplify the pursuit of efficiency. But does that necessarily translate to being better, or, what does that say about ones innovation?
At a recent CheckPoint event the presentation revolved around building security agility in today’s IT and business technology. As Gen-X becomes a thing of the past and Gen-Y now influence business as much as our own personal lives, both technologist and business owners must adapt to the always connected society of Gen-Ys. Think about it…today’s high school and perhaps younger years are texting as a primary means of dialog, building resumes and conducting business on Facebook, and not to mention the power of information sharing at a press of a button. Oh, ya. That’s exactly what office professionals are doing today…from Blackberry email to iPhones/Twitter and some form of business approved P2P or FTP and slidesharing. These medium allow us to collaborate at a global level which is revolutionizing the now future. So, how do we continue to become leaders, movers of innovation and strategic by nature?
Joel Snyder rendered 4 characteristics of agile security in his keynote presentation—which was a refreshing topic in comparison to the usual technology events. You and your organization must be agile to succeed, hence, the ability to be flexible and adaptive and not just good at what you are doing.
• Design defense in dept
• Yield to standards based approach (with multiple/independent vendors)
• Build perimeterless network to gain greater control
• Cease from being event-driven
First, the implementation of layers of security allows you to be more flexible and ultimately more relaxed as you are assured the various components are protecting your coveted information—from the anti-virus at your desktop, IPS, WAF (Web Application Firewall); NAC (Network Access Control) and the VPN or encryption.
Next, adopting standardized approach or solution sets become critical when the future landscape changes and altering components, not the whole solution, is required. In parallel, the selection of vendor or product can be influenced by the “preferred” and/or incumbent and therefore, the effort (or lack thereof) put forth might just suffice. While the perfect solution is not always what’s needed nor always selected; the point is to be vendor agnostics and docile to the varying solution which ultimately should be interchangeable and integration receptive for the evolving strategy.
Also, having a centralized point for all delivery or activity, whether that be the old days of mainframe to the recent single network hub-and-spoke scenario, is over. Growth commands the ability to make alterations with limited impact to all else related. Therefore, having multiple delivery points or extending the perimeter to more manageable component will not only allow you to be more flexible but will enable you to better adapt and be more nimble to change.
Finally, we all strive to be proactive; and not waiting for an event prior to soliciting a reaction is the key. Advances is technology will occur at a rate perhaps faster than you may be able to keep up with. But having a strategic approach and forethought is critical to anticipating the future or at least the ability to adapt and anticipate. For example, who would have thought SSL-VPN would be the choice for today’s business; yet the technology was around (just not as efficient and easy to install as IPSec-VPN).
A rejuvenating perspective on justifying the information security agenda, yet the business challenges remain in finding the “right” solution that meets today’s demands with the needs and consideration of tomorrow …
No comments:
Post a Comment