Centralisation – Does it Really Help Security?

According to Computer Weekly, Jesper Frederiksen of Google will be explaining at next week’s Infosec Europe 2008 conference that centralising critical applications, services and processes is the key to ensuring information security in the face of increased mobile working and communications convergence.

This logic is based on an assumption that a higher level of security exists around large, centralised web-driven datacentres. Centralisation therefore enables increased security at a lower cost because of the economies of scale.

I can certainly accept that it’s cheaper to centralise security. You need fewer security staff. But there’s no such thing as a free lunch. Fewer staff and centralised storage of records will also introduce a few security risks that we didn’t have before. Of course not everyone is concerned about risks such as large-scale data compromises. They affect some companies more than others.

And that’s why, when it comes to security solutions, one size does not always fit all.