Security In Depth        By Mike Vizard                                                          December 15, 2011        ...
21    Every IT security professional will tell you that IT organizations    can’t rely on one single technology for defens...
21                                                                                                 Ut pharetra, diam in co...
3    Cybercriminals and other digital miscreants have to be right only once to compromise an organization’s    IT security...
ABOUT TECH SECURITY TODAYTech Security Today is committed to providing insights and actionable recommendationsto help smal...
Upcoming SlideShare
Loading in...5
×

Strengthening the thin-it-security-line

3,984

Published on

The only thing between IT and the next major security breach is a thin line of IT expertise. Shoring up those defenses requires new approaches to systems and security management that rely heavily on IT automation to give organizations a fighting chance.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
3,984
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Strengthening the thin-it-security-line"

  1. 1. Security In Depth By Mike Vizard December 15, 2011 Tech Security Today Layered Security The Rise of IT Reducing the Total Automation Cost of IT Creating multiple layers of IT organizations need The perceived value of the security to detect and next-generation tools that organization’s brand now prevent a breach automate management is directly tied to the level and security of IT security it provides Page 1 Page 2 Page 3Strengthening the Thin IT SecurityManagement LineThe only thing between IT and the next major security breach is a thin line of IT expertise.Shoring up those defenses requires new approaches to systems and security management thatrely heavily on IT automation to give organizations a fighting chance. No responsible IT manager willfully ignores IT security issues. Just about everyone in the organization is aware of the issue and potential threats. But managing IT security along with all the other assets that need to be managed is just too difficult. IT organizations need a simpler approach that melds IT systems and security management into one seamless activity. As IT gets more complex to manage thanks to largely to the rise of virtualization, the convergence of IT systems and security management become even more critical; especially as the number of threats to IT security grow in both number and complexity. In short, finding a simpler approach to managing IT systems and security has become a critical imperative because the only thing between IT and certain disaster is a thin line of IT expertise.   Layered  Security   Every IT security professional will tell you that IT organizations can’t rely on one single technology for defense. Sound best security practices require the use of multiple layers of security to make sure that should one layer of defense be breached. In the event of that breach, there should be multiple other layers of security technologies that will first detect that breach and then prevent that attack from compromising the organization’s IT systems.
  2. 2. 21 Every IT security professional will tell you that IT organizations can’t rely on one single technology for defense. The most common example of a layered defense vulnerabilities in their software, the only is the use of anti-virus software on endpoint chance an IT organization has to make sure its devices coupled with firewalls deployed at the IT environment is secure is to apply the edge of the network. While most IT security patches that eliminate those vulnerabilities as professionals would recommend more layers of quickly as possible. But that isn’t going to security, many small-to-medium (SMB) happen in a timely way if the IT organization organizations face the challenge of not having is relying on manual processes. the skills or resources available to manage anything more complicated. Worse yet, the IT To address this issue, Dell has teamed up with environment is getting more difficult to manage Trend Micro and SonicWALL to create a with each passing day with the addition of more framework for managing IT security that virtual machines running application workloads integrates anti-virus software and firewall that all need to be secured. The sad fact is that technologies with Dell KACE security most IT organizations can’t keep up with existing management appliances and the managed requirements for patching applications -- each security services provided by Dell new application workload that gets added to the SecureWorks. environment simply exacerbates the problem even more. Together these platforms and technologies are   creating a layered approach to IT security that The  Rise  o f  IT  Automation   leverages the Dell KACE systems management Alas, most IT organizations can’t afford to platform to make IT security easier to manage continue throwing people at the IT management in a way that can be extended to embrace a problem. IT organizations need next-generation variety of complementary security management tools that not only automate the technologies and IT platforms. Customers can management of IT systems and the applications opt to either manage those technologies that run on them, but also ensure those systems together themselves or rely on the Dell are secure. There is a direct correlation between SecureWorks managed services platform to the number of applications running without the manage them on their behalf. latest patches and the number of vulnerabilities that exist within the IT environment. In a world where application vendors routinely divulge 2
  3. 3. 21 Ut pharetra, diam in consequat vulputate, leo turpis consequat dui, vel sodales risus odio non turpis. A layered approach to IT security management creates a defense in depth strategy that is easier to manage. By integrating security technologies with Dell approaches to IT security have yielded spotty KACE management platform, IT organizations results and a sense of dread over the inevitable can, for instance, automate the management of security breach that will, at best, wind up patch updates to not only application software wasting IT resources or, at worst, result in the but also the security solutions created by Trend theft of crucial intellectual property that can Micro and SonicWALL. This creates a truly never be recovered. The only thing standing practical approach to unifying security and between the organization and that dire systems management, which unfortunately has consequence is a thin line of overworked and proven to be an all too elusive goal for IT understaffed IT organizations that need all the organizations of any size. No matter whether the help they can get. IT organization opts to manage the environment itself or rely on managed services provided by the Dell, automating the management of the environment reduces the cost of managing IT IT organizations need next- security while dramatically improving the quality generation management tools of the security being provided. that not only automate the   management of IT systems Reducing  the  Total  Cost  of  IT   Until now effectively implementing a layered and the applications that run security strategy has been beyond the means of on them, but also ensure most SMB organizations. Too often, IT security those systems are secure. technologies have required the skills of dedicated IT security consultants that most SMB organizations can’t afford to employ. As a result, 3
  4. 4. 3 Cybercriminals and other digital miscreants have to be right only once to compromise an organization’s IT security, but the IT organization has to be right about security 8,760 hours a year. There is no chance of that happening without increased reliance on IT automation to not only discover vulnerabilities, but also deploy patches instantly. Dell KACE systems management appliances automatically identify potential vulnerabilities. Dell and its partners have been striving to make IT easier to manage on all levels. But in the area of security the need to make the management of the overall IT environment simpler is particularly acute. The number of compliance regulations that require more stringent security controls is increasing, as are the fines and levies associated with not meeting those requirements. The sheer cost of simply notifying all the people and organizations that may be affected by a security breach alone can be astronomical. At the same time, the perceived value of the organization’s brand now is directly tied to the level of IT security it provides. One misstep and the organization can wind up losing millions of dollars in revenue almost overnight. The ultimate end goal should not only be to strengthen the security of your organization, but also reduce substantially the stress of the people tasked with protect your organization each and every day. 4
  5. 5. ABOUT TECH SECURITY TODAYTech Security Today is committed to providing insights and actionable recommendationsto help small-to-medium businesses cost-effectively maintain security. To achieve thatgoal we have invited a number of notable bloggers and industry experts steeped insecurity knowledge to share their thoughts on best practices for setting security policies toprevent issues from occurring in the first place and then how best to remediate breachesonce they occur. www.techsecuritytoday.comABOUT THE AUTHORMike Vizard has more than 25 years of experience covering IT issues in a career thatincludes serving as Director of Strategic Content and Editorial Director for Ziff-DavisEnterprise, which publishes eWeek, Baseline and CIO Insight. Vizard has also served as theEditor-in-Chief of CRN and InfoWorld. In addition, he served as a senior editor with PCWeek, ComputerWorld and Digital Review.

×