You are here  IT Management Risk Management

The basics of good security

Tuesday 19 September 2006 02:36

Are you suffering from security fatigue? Does trying to plug every possible gap in the network or ensuring every bit of data is only seen by those who should see it starting to weigh you down?

Does trying to hammer home the security message to senior management and non-IT staff feel like a thankless – and sometimes pointless – task?

The problem is that the race for effective IT security can never have a finishing line. Making sure that good staff practice is maintained and changing techniques and policies to meet evolving threats and business priorities means that security is always going to absorb a fair chunk of the IT director’s attention.

The real trick to effective security is squaring the circle to meet requirements which will often seem incompatible – ease of access to networks and data to those who legitimately need it and the exclusion of those who may have nefarious motives or are just careless.

The case studies in our feature article on page 36 show how one private sector and one public sector organisation have approached this problem in practice.

For every organisation, the key to cost-effective measures is risk analysis, which can pinpoint the most pressing needs and help secure funding from the board. The importance of this cannot be underestimated, as Computer Weekly’s CIO Index shows, only 50% of IT chiefs believe IT security is adequately funded.

Of course, IT security is big business, but as the article on page 40 points out, however much you spend on electronic security products and services, it can all end in tears if important documents are left on the photocopier.

Good security doesn’t have to be rocket science. In fact, it doesn’t even have to be science – just plain old common sense.

 

Vote for your IT greats

Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?

Vote now at: www.computerweekly.com/ITgreats