Further thoughts on operationalizing your security
In an earlier post, I referencedthe CEO of Symantec, Enrique Salem’s speech at the RSA conference where he talked about operationalizing your security. This week I have been working at several clients doing Proof of Concepts on Symantec DLP. This week has lead to think very hard on how the different peices of the Symantec stack fit together very neatly.
No longer are we secure because we run anti-virus plus proper firewalls in place, we need a system in place to deal with the changing threats. Three years ago I was working as a network administrator for a private bank, we had a security policy in place, we managed our Windows Updates, we had network scans done quarterly and penetration testing done as well. Were we secure? Maybe, maybe not there were a lot of things I did not have visibility into. Did we have data leakage? Were our severs in compliance? Were people copying data on to USB drives/DVD drives? I just didn’t know.
Now with the different products in the Symantec product set we can work on getting that visiblity we need. it is not be the draconian IT department that all the other departments fear. It is about being safe with our companies data and being smart with what we are trusted with.
More thoughts to follow as I start to work on Operationalizing Security
1 Comment »
-
Archives
- December 2009 (3)
- November 2009 (4)
- October 2009 (8)
- September 2009 (5)
- August 2009 (8)
- July 2009 (7)
- June 2009 (8)
- May 2009 (5)
- April 2009 (6)
- March 2009 (7)
- February 2009 (8)
- January 2009 (7)
-
Categories
-
RSS
Entries RSS
Comments RSS
[...] talk to an expert on security. This isn’t a virus scanner and a password. Security is a comprehensive set of policies [...]
Pingback by You’ll Pry My Virus Scanner from My Cold Hands « Finding Ponies in Piles of Poop | May 26, 2009 |