Security Think Tank: Secure collaboration not just about technology

What is the best approach to increasing collaboration without reducing security in an enterprise?

Adrian Davis, (ISC)²

Published: 09 May 2014

The best approach is not technology-based, but involves building cross-functional teams both within and without the organisation, encouraging the pooling of knowledge and experience, supported by business management, and using technologies that help them work together.

Building a successful and secure collaborative environment requires clear direction from management about the behaviours of the team; information to be shared; and the role of security in the culture.

When choosing collaboration technologies, strike a balance between functionality, scalability and security. Buying a system on just one of these factors may lead to issues going forwards, as one or more of the factors may prove incapable of meeting future demands.

Cloud and mobile services can offer a mix of all three, and it is important that all the parties – such as business, IT, legal and security – meet to agree how the balance is to be struck, to plan for future demand, to cater for legal and regulatory obligations, and ultimately build the right architecture and environment that ensures the benefits of collaborative technologies can be maximised, while the risks of deliberate or accidental compromise of the confidentiality, integrity or availability of information are minimised.

More on secure collaboration from Computer Weekly's Security Think Tank

Collaborative technologies will also require management in a technical context. Managers cannot assume that "IT will take care of it" and leave administrators to implement suitable controls to protect information and manage access by users. Additionally, managers cannot leave privileged users such as system administrators to work without supervision, or at least regularly review what those privileged users are doing.

Finally, thought must be given to capturing, sharing and securing the information created during the collaboration. Measures to securely archive, delete and access the information – perhaps over a period of years – should be put in place at the beginning of the collaboration and resources allocated to support their successful operation.

Adrian Davis is managing director EMEA for (ISC)²

Security Think Tank: Secure collaboration not just about technology

What is the best approach to increasing collaboration without reducing security in an enterprise?

More on secure collaboration from Computer Weekly's Security Think Tank

Read more on Privacy and data protection

What is identity and access management? Guide to IAM

Time to rethink business continuity and cyber security

Microsoft products address digital workplace security

3 key identity management tips to streamline workflows

SearchCIO

Replacing vs. maintaining legacy systems

Managing cybersecurity during the pandemic and in the new digital age

Enterprise architecture has business's ear at Scottish Water

SearchSecurity

6 SSH best practices to protect networks from attacks

Companies must train their SOC teams well to prevent breaches

Risk & Repeat: FBI's web shell removal raises questions

SearchNetworking

Aruba product integrations advance its SASE strategy

Wi-Fi 6 rollout requires careful review of network devices

How cloud-native networking will transform infrastructure

SearchDataCenter

Programmable processor technology for next-gen data centers

Data processing units accelerate infrastructure performance

New Intel Ice Lake processors boost performance, security

SearchDataManagement

Who belongs on a high-performance data governance team?

Soda launches cloud service to improve data observability

Bigeye raises $17M Series A funding to boost data quality