Information is the currency of enterprises, and the need to secure it has risen tremendously. There is a constant threat that sensitive information will fall into the wrong hands, simply because it is stored in the broadest range of places: datacenters, databases, endpoints, mobile devices, the Web, emails, software as a service (SaaS) applications, etc. This information is used by employees, contractors, partners, customers, and others. The result is an on-going nightmare for corporate security officers. Until now, solutions that effectively and easily protect sensitive information in such a chaotic environment have simply not been available.
A few of the issues they must contend with are:
- Security officers face an on-going struggle to secure sensitive information in the complex IT infrastructure.
This involves unwieldy expeditions into IT inventory, databases, repositories, applications, and storage. Required resources are almost overwhelming. Such a chore requires the combined efforts of the IT and business departments – just to discover what information is used, where and by whom. And this cumbersome process will only deliver a partial view of the whole picture. A good part remains undiscovered and therefore unprotected.
- Security officers are at their wits' end just to determine who accesses information, and therefore can hardly define a proper entitlement policy.
Such an endeavor involves acquiring an in-depth understanding of the modes of operation in each of the business departments in an organization. This is basically the only way in which security officers would be able to understand the diverse business processes that revolve around users – internal and external. Even if such a cumbersome process is initiated, there are many tacit business processes that – without interviewing each and every user – would remain ambiguous, at best. Furthermore, security officers cannot possibly acquire more than a superficial understanding of how users actually use the information. We are all fully aware of the broad range of productivity tools that are used throughout an organization – IM applications, Web 2.0, USB storage drives, PDAs, etc. How can security officers restrict the use of such tools without hurting users’ productivity?
- Current solutions are restricted in scope, complex, and expensive to deploy and maintain.
Current information protection solutions are based on a “catch at the exit” game. Exit points, such as network and Web channels, corporate desktops, laptops, and smart phones, are monitored to prevent unauthorized distribution of sensitive information. Can anyone possibly believe that an organization can control all of these exits? This challenge seems even more daunting when we consider that every single exit point must be guarded by a “super-genius” gatekeeper who can effectively determine for whom information is intended and take the necessary steps to block unauthorized distribution! Even if we could combine such solutions, the cost of deploying and administering them – over all locations and exit points – would be prohibitive.
What is required is a paradigm shift to a completely new concept. Instead of chasing after the data in order to discover it, and afterward trying to control it at the exits, we need enterprise-level policy with limited involvement from the IT and business departments. We need to incorporate protection and security policy into the data at the moment it is created. Protection will be embedded in all data, wherever it is created, and the protection goes with the data wherever it goes. The protection must be intelligent enough that it will not disrupt legitimate business processes. It must be easily assimilated into an organization’s IT environment without long and expensive deployment and integration processes.
This model is the future of information security… and Secure Islands is delivering it!