Security sceptics should 'just say yes'

Companies need to realise that important business opportunities can only be achieved by taking a positive approach to IT security, writes Etienne Greeff

All too often, senior managers see IT security as a necessary evil or - worse still - as an inexorable cost that inhibits the growth of their business. When managed properly, however, the opposite is true: IT security can be a highly effective business-enabler.

So where does this negative perception of security come from? For a start, some people still believe that IT security exists solely to mitigate the risks associated with the modern workplace, or else they fear that the risks associated with new technology are too great.

Some research that IDC conducted for the technology company EMC, for example, found that 80% of the corporate executives, chief information officers (CIOs) and chief security officers (CSOs) questioned were reluctant to go with new business initiatives because of security concerns.

The turning tide

Fortunately, this tide seems to be turning, and enlightened companies are finally beginning to view IT security as a business enabler that can provide real benefits, especially when a strategic approach is used to unleash the full potential of new and emerging technologies. After all, IT security can now enable whole new ways of working, especially if security managers start saying 'yes' to exciting new technologies like cloud computing, web 2.0, and multiple device support.

But these flexible new models still frighten a lot of businesses. Some managers still hold the old-fashioned view that IT security is all about blocking 'outsiders' from accessing their network. But what if these 'outsiders' happen to be key employees, partners and other shareholders?

When managed correctly, IT security isn't only about stopping and blocking and protecting - it is also about breaking down boundaries and making sure that individuals are able to stay connected and productive whether they're at home, in the office, or somewhere in between. Thanks to modern technology, this is an easily achievable - and secure - reality.

Strategic approach

By taking this kind of strategic approach to IT security, companies will be in a much stronger position to launch and support a number of important business initiatives. For example, a company may want to integrate its suppliers, distributors, outsourcers and other marketing partners via a single, unified IT infrastructure, so that members from one organisation can access the applications and information of another - without compromising security.

With scenarios like these now a reality, IT security is quickly becoming a dynamic business discipline in its own right, as modern companies begin to realise the wide and varied range of business processes that a secure IT framework can support, in addition to the types of unwanted activities it can prevent.

As such, senior managers need to view IT security in a totally different light, so that their businesses can begin to accumulate (and benefit from) information about their customers without worrying about it being exposed, and also to develop and expand their online presence without being paralysed by the fear of a cyber attack. This progressive approach to IT security, if managed correctly, will play a vital role in making sure that businesses can survive and prosper in this new digital age.

Etienne Greeff is technical director at at SecureData

Read more on Antivirus, firewall and IDS products