CIO Interact 2004

By Dr. Myron L. Cramer


This presentation was given to the CIO Interact 2004 Risk Management Round Table at the Blair County Convention Center, Altoona, Pennsylvania, March 28 - 29, 2004.


Discussion Topic

How do you strike the balance between the drive, drive, drive to get things done in IT Departments, with the need to safeguard systems and applications?

Premise

The concern expressed in this discussion topic rests upon the false premise that security impedes IT functions.

People encounter security in areas such as the following:

  • User: Accounts, passwords, and privileges
  • Workstations: Standardized baselines, operating systems, core applications
  • Network: Hook-ups, LANs, WANs
  • Servers: Hosts, corporate services
  • Firewalls: Filters, proxies, remote access

Behind this premise are assumptions such as these:

  • Security adds no value to the IT business proposition
  • Security is separate from IT capabilities
  • Protecting services does not add value

Today's Environment

When we examine today's IT and threat environment, we find the following:

  • Viruses & Worms: Mass mailing, Trojans, Distributed Denial of Service, Database Injections
  • Patches: Windows Critical Updates
  • Internet Fraud: Scams, Impersonation
  • Information Theft
  • Spam
  • Network Congestion
  • System Outages

Conclusion

How much can IT really get done without security to protect against these issues?

Presentation Charts

The charts from this presentation are available in PDF format here.