NetworkWorld’s Tim Greene takes on the issue of information security and corporate resources this week. The piece focuses on John Pironti’s, president of IT Architects, talk at the Interop conference in Las Vegas.
Pironti asserts, industry compliance standards don’t fully protect organizations from security leaks, and in many cases, outsourcing has added to the problem. While Pironti’s stance seems intuitive, the truth is, organizations often take information security for granted, culling a false sense of security from compliance standards or automated technology.
Martin Hack, EVP at NCP, has long been an advocate for organizations taking greater care in provisioning employees on-and-off the network. He says, organizations sometimes neglect to immediately provision dismissed employees off the network, leaving it hugely vulnerable to data leaks. More innocuous scenarios, like connecting to the network remotely or giving network access to business partners or consultants, can also cause data leakage.
This is why using a secure VPN is so critical. After all, how frequently do IT professionals meet with senior financial officers at a company to make a case for corporate resources? It’s unfortunately common for IT professionals to assume that those allocating the resources understand the importance of information security. But in this business environment, where budget talks frequently disintegrate into outright land grabs, departments have to be bolder than ever.
What do you think? Are IT departments doing enough to be in front of CFOs? Let us know your thoughts.