Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The Adaptive Trust Defence to Network Security

Justin Chiah, Director and General Manager, South East Asia and Taiwan at Aruba, a Hewlett-Packard Enterprise Company | June 27, 2016
With this tectonic shift from fixed, static wired networks to open, dynamic environments where mobility rules, IT managers are now faced with all new challenges when safeguarding the security of company data and IT systems.

Don't sweat. There's a game plan

1.     A safety code

A basic security policy is an absolute prerequisite for every firm to lay down a description of its core protection controls and its employees' usage of those technologies. Even for a small firm of just two employees, formalising an approach to information security is crucial. Such a policy should cover roles, devices, locations and other contextual attributes.

2.     Administrative guidelines

Organisations should implement enforcement rules that extend from applications to devices to the network. Such an approach should integrate services across MDM, firewalls, IPS and policy engines to deliver common policy enforcement for all sensitive information.

3.     Goal-orientated objectives

IT must measure and monitor user behaviour to ensure that security policies are mapped to business objectives. This will ensure that policies achieve the result of securing corporate information and systems without impacting usability and employee productivity.

4.     Adequate training

Even the most well thought through security frameworks will fail without the requisite employee training.  This should not only include a needs-assessment by employee type, but should also educate employees on why such actions are important and how they can assist in improving corporate security.

5.     Feedback loop

Finally, ensure that IT has a mechanism for employee feedback and a service level agreement in place for how to respond to employee input and requests. Often times IT is able to improve the effectiveness of automated workflows and security policies simply by listening to employee feedback.

#GenMobile is the future of business. In a contemporary, connected world, firms that stick to their old business models and fail to adapt to #GenMobile will struggle against their more flexible, agile competitors. At the same time, firms will have to minimise the risk of data and information corruption or loss.

Organisations need to take an adaptive trust defence to connectivity and data security. How the business world now adapts to the behaviour of the #GenMobile workforce may be the make or break for long term boom or bust. Embracing #GenMobile's penchant for openness, innovation, collaboration and some degree of risk is good - but only when an organization can understand and plan for the security risks these behaviours bring with them.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.