General Musing

blaze your trail

Posts Tagged ‘provisioning

Tightening your Security Budget #security

leave a comment »

I was reading 6 Tips For Doing More Security With Less and was happily surprised by the following points:

1. Get out of the deployment business.
3. Get more out of your existing security tools and systems

1. Get out of the deployment business.
IT security should definitely be involved in selecting data protection tools, but shouldn’t be dealing with provisioning tools that require heavy customization, Forrester’s Jaquith says. That can drain already-limited resources.

Many companies want provisioning tools with which they can specifically add users and specific edit fields, they want a helpdesk to perform this task so they can have cheap labour without compromising security. This is a short term thinking by Forrester, in my opinion.

3. Get more out of your existing security tools and systems
[…]
Consider reorienting the more labor-intensive tools, such as those for data leakage prevention (DLP), he says. Forrester recommends using DLP products mainly for monitoring activity rather than for blocking the leakage of data. And enlist the help of your business units to get the big picture on where data is flowing in the organization. “If you are looking at DLP to stop a data leak, you’re probably a little too late. You need to understand how users are using the information they have, what they are downloading, [etc.],” he says.

Absolutely, if you are using DLP to prevent data leakage you are doing it wrong. Implementing controls to monitor data leakage and informing your employees is far more effective and less intensive on the budget. The recently passed Nokia Law to allow email snooping may look evil on the surface, but this is also part of DLP. Personally I am against the tactics used by Nokia, but they have a valid reason to monitor their network traffic for data leakage, corporate espionage.

Technorati Technorati Tags: , , , , , , ,

Advertisements

Written by Daniël W. Crompton (webhat)

March 5, 2009 at 7:33 pm

%d bloggers like this: