Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

BLOG: Securing the foundations of a modern organisation

Kurt Roemer, chief security strategist, Citrix | March 8, 2012
So, how and where do you start to develop a modern security strategy?

Security times are changing

Completely eradicating risk from an information security strategy is wholly unrealistic. However, the introduction of a forward-thinking and modern information security strategy can considerably reduce the vulnerability of an organisation.

A modern information security strategy must ensure protection, privacy and compliance for sensitive data while maximising productivity and allowing unfettered growth. The centralisation of data and applications in the data centre is widely viewed as the best way to secure an organisation's IT infrastructure and desktop virtualisation is the key enabling technology. This gives organisations a better way to secure information and manage risk, while giving IT departments the necessary control and visibility over that information.

In fact, according to the Citrix Global Security Index, 97 percent of senior IT decision makers surveyed expect desktop virtualisation to help their organisation respond to new and emerging security threats. Many also cited access management and activity monitoring, as well as the ability to support a wide range of user devices as key benefits to the technology.

Regardless of the device used or the access method, a modern information security strategy ensures security while maximising access and maintaining compliance. Indeed, 90 percent of respondents in the Citrix Global Security Index indicated that avoiding non-compliance was a further benefit that desktop virtualisation offers.

The implementation of a modern information security strategy is a clear departure from traditional IT thinking. It is a step that organisations must consider as current practices become ineffective, the number and sophistication of potential threats grows and workers continue to adopt BYO, mobile workstyles and workshifting.

Secure by design

Organisations should take a 'secure by design' approach, which is enabled by desktop virtualisation. The security features inherent in this technology strategy were highlighted in the recent Citrix Global Security Index where three of the six principal benefits that IT decision makers attributed to desktop virtualisation, were security-related.

The centralisation of data in the data centre, its encrypted delivery to the endpoint and ability to isolate data on the endpoint if working offline all enable secure access for any worker, anywhere and on any device. This is managed through the implementation of granular access control policies.

These policies deliver extremely detailed breakdowns of each worker's data and application access rights. The control policies also allow the IT department to appropriately and automatically adjust worker access rights if and when necessary. Integrated technologies support any enterprise- or worker-owned device with the secure delivery of desktops and applications, alongside comprehensive compliance monitoring.

In the past, organisations reacted to heightened security threats by locking down access and forcing workers to operate within the corporate LAN connection. Although potentially secure, these actions significantly limited worker productivity. In today's uncertain economic environment, a legacy security strategy and a locked-down workplace environment are no longer acceptable because they simply do not allow the required business agility and mobility.

 

Previous Page  1  2  3  Next Page 

Sign up for CIO Asia eNewsletters.