This an introspective period in time for IT security departments. Yes, identity theft, malware, and all kinds of online fraud is on the rise, and needs to be stopped. Most of the terms like denial of service, SQL injection, cross-site scripting etc. cause some amount of trepidation among the business teams and also among general IT teams. IT security teams are quick to capitalize on the fear factor and tend to become bureaucracies.
Across the spectrum numerous IT projects have been delayed time and again and one of common causes is the IT security team won't allow certain things. Having strong IT policies is good but if it becomes a hindrance to other IT teams or business teams, that are trying to look at new ways of generating revenues or some cost saving measure, then it is a problem.
You can't have something become, "I SAID SO", wont' cut it any more. The IT security team needs to take a collaborative approach of saying, well this is our policy but let me understand what you want to achieve and more importantly, let me see how I can help you achieve that by adhering as closely as possible to the corporate security policy. The old maxim, "where there is a will there is a way" applies here.
Most of the time the IT security teams won't take collaborative approach is because it could be extra work for them or sometimes they just don't know how to help in new ways. Sometimes they need training or more investigation on how to get something done but yes keep it safe as per the policy.
In this economic climate, collaboration is the key and hopefully the IT security teams start collaborating more and not just be a road block!
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment