Secure by design?
- Article 2 of 3
- Enterprise Security, June 2004
Most organisations' security infrastructures are complex - and destined to stay that way.
Page 1 | Page 2 | All 2 Pages
An alternative to SEMs are consolidated devices that can perform several security functions. These are growing in popularity. While they can reduce the administrative burden on staff, organisations need to be sure that the devices are actually up to the job, technically: they can become single points of failure, introduce latency, fail to reduce management costs, not offer sufficient granularity in terms of access privileges, and not scale without requiring additional devices from the same vendor. The best options are devices that specialise in particular aspects of security, such as email or intrusion prevention, rather than ones that try to do substantially different tasks. The right device can reduce management costs and improve security significantly.
But putting too much trust in a single, unified suite is often a mistake. Information security is an immense area and includes much more than just the firewalls and anti-virus software of traditional security. Today, it covers many other elements including those related to IP telephony, biometric authentication, distributed denial of service mitigation and so on.
While some vendors claim to be able to offer up to 90% of the expertise needed to provide a secure set-up, they will never be able to provide total coverage. Security companies that have tried to become one-stop security shops in the past, most notably Network Associates, often failed to fully integrate even their own products, let alone competitors' offerings, and suffered as a result.
And technology is not the answer to all security issues, even when dealing with technological threats. While an integrated security suite may be able to monitor and control the security of systems, it will never be able to assess business needs and formulate an appropriate response. Indeed, it is in terms of management that many organisations fall down and which most need to address first before writing out any more cheques.
Page 1 | Page 2 | All 2 Pages