E-Guide CONSIDER SECURITY IN YOUR DAILY BUSINESS OPERATIONS



Similar documents
E-Guide GROWING CYBER THREATS CHALLENGING COST REDUCTION AS REASON TO USE MANAGED SERVICES

Hybrid cloud computing explained

Evaluating SaaS vs. on premise for ERP systems

E-Guide HOW THE VMWARE SOFTWARE DEFINED DATA CENTER WORKS: AN IAAS EXAMPLE

How to Develop Cloud Applications Based on Web App Security Lessons

Rethink defense-in-depth security model

E-Guide CLOUD COMPUTING FACTS MAY UNCLENCH SERVER HUGGERS HOLD

Securing the SIEM system: Control access, prioritize availability

Data warehouse software bundles: tips and tricks

E-Guide CONSIDERATIONS FOR EFFECTIVE SOFTWARE LICENSE MANAGEMENT

Software Defined Networking Goes Well Beyond the Data Center

Advanced analytics key component for decision management systems

Solution Spotlight BEST PRACTICES FOR DEVELOPING MOBILE CLOUD APPS REVEALED

E-Guide to Mobile Application Development

Big Data and the Data Warehouse

E-Guide WHAT IT MANAGERS NEED TO KNOW ABOUT RISKY FILE-SHARING

Unlocking data with document capture and imaging

HOW TO SELECT THE BEST SOLID- STATE STORAGE ARRAY FOR YOUR ENVIRONMENT

CLOUD SECURITY CERTIFICATIONS: HOW IMPORTANT ARE THEY?

6 Point SIEM Solution Evaluation Checklist

Solution Spotlight KEY OPPORTUNITIES AND PITFALLS ON THE ROAD TO CONTINUOUS DELIVERY

E-Guide VIDEO CONFERENCING SOFTWARE AND HARDWARE: HYBRID APPROACH NEEDED

E-Guide THE LATEST IN SAN AND NAS STORAGE TRENDS

Supply Chain Management Tips and Best Practices

GUIDELINES FOR EVALUATING PROCUREMENT SOFTWARE

E-Guide UNDERSTANDING PCI MOBILE PAYMENT PROCESSING SECURITY GUIDELINES

Aligning Public Cloud Strategies to Improve Server Efficiency

How to Define SIEM Strategy, Management and Success in the Enterprise

E-Business Risk: The Coming SaaS As a Service

Strategies for Writing a HIPAA-Friendly BYOD Policy

Streamlining the move to the cloud. Key tips for selecting the right cloud tools and preparing your infrastructure for migration

Social channels changing contact center certification

Managing Data Center Growth Explore Your Options

E-Guide NETWORKING MONITORING BEST PRACTICES: SETTING A NETWORK PERFORMANCE BASELINE

Benefits of virtualizing your network

The changing face of scale-out networkattached

E-Guide CRM: THE INTEGRATION AND CONSOLIDATION PAYOFF

E-Guide MANAGING AND MONITORING HYBRID CLOUD RESOURCE POOLS: 3 STEPS TO ENSURE OPTIMUM APPLICATION PERFORMANCE

3 common cloud challenges eradicated with hybrid cloud

Hyper-V 3.0: Creating new virtual data center design options Top four methods for deployment

E-Guide SIX ENTERPRISE CLOUD STORAGE AND FILE-SHARING SERVICES TO CONSIDER

Key best practices for cloud testing

LTO tape technology continues to evolve with LTO 5

Best Practices for Scaling a Big Data Analytics Project

A Guide to MAM and Planning for BYOD Security in the Enterprise

Desktop virtualization: Best practices for a seamless deployment

How SSL-Encrypted Web Connections are Intercepted

E-Guide BYOD: THE EVOLUTION OF MOBILE SECURITY

Expert guide to achieving data center efficiency How to build an optimal data center cooling system

ios7: 3 rd party or platform-enabled MAM? Taking a look behind the scenes with Jack Madden

CLOUD APPLICATION INTEGRATION AND DEPLOYMENT MADE SIMPLE

Is Your Data Safe in the Cloud?

E-Guide BEST PRACTICES FOR CLOUD BASED DISASTER RECOVERY

Making the move from a tactical to a strategic supply chain

HOW MICROSOFT AZURE AD USERS CAN EMPLOY SSO

Tips to ensuring the success of big data analytics initiatives

Does consolidating multiple ERP systems make sense?

Advantages on Green Cloud Computing

Managing Virtual Desktop Environments

The skinny on storage clusters

- Solution Spotlight ACCELERATING APPLICATION DEPLOYMENT WITH DEVOPS

MDM features vs. native mobile security

BUYING PROCESS FOR ALL-FLASH SOLID-STATE STORAGE ARRAYS

The State of Desktop Virtualization in 2013: Brian Madden analyzes uses cases, preferred vendors and effective tools

Order Management System Best Practices

5 free Exchange add-ons you should consider Eliminating administration pain points on a budget

E-Guide SHAREPOINT UPGRADE BEST PRACTICES

Skills shortage, training present pitfalls for big data analytics

Social media driving CRM strategies

Key Trends in the Identity and Access Management Market and How CA IAM R12 Suite Addresses These Trends

2013 Cloud Storage Expectations

WHAT S INSIDE NEW HYPER- CONVERGED SYSTEMS

Preparing for the cloud: Understanding the infrastructure impacts Eight essential tips for a successful cloud migration

FIVE PERVASIVE FLASH-BASED STORAGE MYTHS

BEST PRACTICES FOR MANAGING THE EVOLUTION OF EHRS

Social Media-based Customer Loyalty Programs

The state of cloud adoption in India The use cases, industry trends, business demands, and user expectations driving cloud adoption in Indian

4net Technologies. Unified Communications

Exchange Server 2010 backup and recovery tips and tricks

TIPS TO HELP EVALUATE AND DEPLOY FLASH STORAGE

MOBILE APP DEVELOPMENT LEAPS FORWARD

5 ways to leverage the free VMware hypervisor Key tips for working around the VMware cost barrier

Essentials Guide CONSIDERATIONS FOR SELECTING ALL-FLASH STORAGE ARRAYS

E-Guide THE CHALLENGES BEHIND DATA INTEGRATION IN A BIG DATA WORLD

Elastic Private Clouds

Server OS Buyer s Guide Vendor-neutral tips for choosing the best server operating system for your organization

Integrating and Managing SAP HANA

Managing the supply chain for SAP

THE APPEAL OF SAAS ERP

Cloud Security Certification Guide What certification is right for you?

Cloud Storage: Top Concerns, Provider Considerations, and Application Candidates

E-Guide HOW A TOP E-COMMERCE STRATEGY LEADS TO STRONG SALES

Best Practices for Database Security

Agile for Project and Programme Managers

E-Guide BRINGING BIG DATA INTO A DATA WAREHOUSE ENVIRONMENT

How To Protect Your Online Backup From Being Hacked

CGS Technology Outsourcing

HR Managers Focus on Recruiting Experience as War for Talent Intensifies

Breaking Down the Insurance Silos

Transcription:

E-Guide CONSIDER SECURITY IN YOUR DAILY BUSINESS OPERATIONS

T his e-guide teaches you the importance of collaboration on a micro level for defending against cyber threats. Learn how to embed security practices in your daily business practices and embrace a flexible mindset as your business needs change. PAGE 2 OF 12

SECURITY THINK TANK: SECURITY NEEDS TO BE PART OF CHANGE MANAGEMENT PROCESSES Mike Gillespie How can development, operations and security teams collaborate around change to ensure security is maintained and even improved? Collaboration is a buzzword in the world of cyber security. International collaboration is seeing countries working together to successfully bring down cyber terrorists and hackers. Domestic collaboration is seeing leading businesses and governments striving to implement common cyber security practices such as ISO27001, PCI-DSS and Cyber Essentials. So, if we can all work so well together on a macro level, why is it we seem to struggle at the micro level with our own internal teams? Whether it is for digital, operating system upgrades, new networks, acceptable use policies changes or just introducing a new user, collaboration is a key factor to the success of any project and ensures the security of information assets stored, managed or processed as part of that activity. Yet still we do not seem to be singing from the same hymn sheet as our PAGE 3 OF 12

colleagues. So where do the challenges lie? When data is compromised, it is often because security has not been considered as part of the change and configuration framework. We build secure technological infrastructures and conduct penetration testing to identify vulnerabilities, but there is often no ongoing security maintenance and security failures ensue. Failures can be put down to a number of inherent issues: Disparate systems with no oversight or joined up ; Slow change leading to being circumnavigated, ignored or no joined up decision-making; Security not built in, but bolted on after the event; Legacy thinking rather than agile planning; Poor succession planning for legacy platforms; Lack of security process maintenance; Management out of the loop with corporate protection. Change and configuration should be a business-centric process that involves all appropriate stakeholders and ensures the maintenance PAGE 4 OF 12

and integrity of security controls. Basically, this means make it secure, check it s secure and keep it secure. All stakeholders need to be involved in discussions about business change. Security teams are often marginalised as they are seen as trouble-makers, when in reality they are business enablers helping create secure environments and improve asset protection. When collaboration does not occur, that is when breaches occur. change its mindset and be more flexible, working in harmony with the business needs and ways of working agile working rather than the traditional waterfall approach where projects are managed by timescales and milestones. Even if we are working in an agile, iterative manner, this does not mean always mean we do governance and change right. Indeed, the definition of done right should always include elements of security, change and testing. In the same vein, Business needs to change its mindset and embrace security, understanding that it is there to deliver a business-centric service to realise benefits, enable business and ensure that change is introduced in a logical, safe and, most importantly, risk-managed manner. In short, when all teams collaborate, security will be successfully maintained PAGE 5 OF 12

and ultimately improved as teams become more security-conscious and embed it as part of business as usual change. MIKE GILLESPIE is director of cyber research and security at The Security Institute. THE ROLE OF IT IN MAKING DIGITAL TRANSFORMATION PROJECTS WORK Gareth Eynon More companies are embracing digital as an essential component of their overall business strategy for the future. But what is the role of IT? Digital can be a nebulous term and, like cloud and big data, it can mean different things to different people. But what is a common factor around this topic is that more companies are embracing digital as an essential part of their overall business strategy for the future. The likes of John Lewis have led the way in implementing large-scale digital programmes in the private sector, and similar moves are taking place across PAGE 6 OF 12

the public sector. From local government and non-profit organisation projects by the likes of Camden Council and the Student Loans Company through to central government initiatives by the Government Digital Service, bodies are rethinking how they use digital channels to interact with the public. While IT will be at the heart of digital services, there is also a requirement for collaboration with other teams within the business that are customer-facing. Marketing and customer service professionals are already staking claims to leadership roles within digital projects alongside IT. However, digital projects are not clean slates. While they aim to provide new ways to interact, digital programmes will often require access to information stored in existing IT silos. These data sources can go back decades. So how can organisations marry the best digital options for serving internal and external customers with these legacy IT assets? At the heart of this is a need to think differently around digital, based on the right mix of people, tools, frameworks and experience around collaboration. It involves creating a mindset change around IT and the business from the beginning, including moving away from conventional approaches to IT operations and towards more agile methods. Digital projects on their own have tended to be more iterative than PAGE 7 OF 12

traditional IT implementations. Part of this is historical: they have been focused on online services and websites to deliver information, where the service can be changed in response to market developments without huge additional expense. Taking a lead from agile, goals are ongoing, rather than fixed and immutable. Contrast this with the big investments that, for example, a large ERP project would entail, both on hardware and software. Making changes in the middle of a project leads to scope creep, change requests and potentially large additional costs. The impact of cloud computing and open source has made this less of an issue, because the cost of implementing these technologies is much lower. In many cases, both open source and agile will need to complement legacy IT for the foreseeable future. To build on legacy, there are approaches that can help make this work. Alongside technical integration around data formats and programming interfaces, there is also the side rather than large-scale projects that take months or years to see through, agile projects are delivered in sprints, usually lasting two weeks. This difference in project length is one of the biggest challenges for traditional IT in its interaction with the business. The ability to provide rapid showcases to demonstrate project progress will become the norm. There are PAGE 8 OF 12

more digital natives in the workplace, and there is an increasing number of people in business roles who are tech savvy. TWITTER MENTALITY This has led to more of a Twitter mentality around IT, which demands faster and more visible project progress and updates. Alongside this, business opportunities move at a much faster pace in the digital world, so IT outputs must keep pace in order to remain competitive, as well as pacifying senior and stakeholders. Managing this mix of projects involves thinking hard about what is presented back to the business over time. By being able to manage the digital front office that is available for everyone to see and evaluate services, IT can improve its ability to collaborate with business teams. At the same time, this front office can help the business side to collaborate with IT by streamlining requirements. This approach is essential to successful collaboration between business and technology stakeholders because it breaks down some of the walls that can exist within an organisation. Another element of digital programmes is the willingness to experiment with new tools and approaches. The perception in many organisations is that PAGE 9 OF 12

IT projects are either successes or failures, with no middle ground. This breeds a risk-averse mindset. Consequently, organisations are losing the ability to make pivots around these new projects and experiments in the way start-ups do. DEGREE OF EXPERIMENTATION One approach to this problem is to look at how the interface with the business stakeholders can enable a degree of experimentation, without it representing a perceived failure. Managing these expectations on the business side can also free up IT to try out new avenues, reducing the risk of exploring solutions with low cost and flexible tech environments and tools. This is an important way to begin collaboration around agile projects with line-of-business teams, if this is not something IT does already. Creating this degree of freedom can make IT more productive and more empowered to take risks. But, at the same time, there must be an awareness of how far that experimentation can go. This ability to make go/no-go decisions quickly is fundamental to the future success of digital projects. For companies looking at digital projects, there are a number of strands that have to be brought together to make their initiatives PAGE 10 OF 12

successful. Just as cloud computing led to CIOs having to flex new muscles around SLA and integration across different platforms, so digital will require the development of new skills and knowledge. This will typically include building a greater understanding around other business units and their requirements, looking at working in more agile and collaborative ways, and learning more about customer needs and behaviours. For CIOs that are willing to embrace a new way of working, digital represents a great opportunity to have a big impact on the future direction of the organisation. GARETH EYNON is digital director at CDG, a digital integrator that helps organisations to implement new strategies and technologies PAGE 11 OF 12

FREE RESOURCES FOR TECHNOLOGY PROFESSIONALS TechTarget publishes targeted technology media that address your need for information and resources for researching products, developing strategy and making cost-effective purchase decisions. Our network of technology-specific Web sites gives you access to industry experts, independent content and analysis and the Web s largest library of vendor-provided white papers, webcasts, podcasts, videos, virtual trade shows, research reports and more drawing on the rich R&D resources of technology providers to address market trends, challenges and solutions. Our live events and virtual seminars give you access to vendor neutral, expert commentary and advice on the issues and challenges you face daily. Our social community IT Knowledge Exchange allows you to share real world information in real time with peers and experts. WHAT MAKES TECHTARGET UNIQUE? TechTarget is squarely focused on the enterprise IT space. Our team of editors and network of industry experts provide the richest, most relevant content to IT professionals and. We leverage the immediacy of the Web, the networking and face-to-face opportunities of events and virtual events, and the ability to interact with peers all to create compelling and actionable information for enterprise IT professionals across all industries and markets. PAGE 12 OF 12

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information