Managing the Changing IT Landscape: Consumerization Security
A recent InformationWeek article by Tom Quillin reminds me that the security landscape is in a state of constant change. IT must figure out how to secure and manage a multitude of mobile devices on increasingly diverse platforms. And the key word is â€śmobileâ€ťâ€”employees often want to work at any time, from any location, with data thatâ€™s accessible from the company network, the Web, or the cloud. Itâ€™s a boon to business productivity, certainly, but it means that IT must secure a moving target.
I recently had a chance to contribute to an Intel IT Center planning guide, Consumerization Security for the Changing Enterprise, which offers some insight on protecting this environment.
The guide explains how hardware-enhanced security can provide layered protection across five security perimeters of your business, from gaining network access to remediating problems quickly when they occur.
- Network â€“ Use authentication technologies to provide access only to known, trusted users.
- Platform(s) â€“ Stop attacks and protect online transactions with added protection below the operating system.
- Applications â€“ Guard against escalation-of-privilege attacks and secure virtualized models.
- Data â€“ Protect sensitive business data with faster full-disk encryption and anti-theft capabilities.
- Remediation â€“ Remotely diagnose, isolate, and repair infected clients in any operational state.
Intel IT deploys dynamic trust to balance security and productivity
Intelâ€™s own IT group deals with the same challenges as other organizationsâ€”finding that balance between security and the flow of information. Intel IT works to deliver layered protection with a â€śProtect to Enableâ€ť security strategy that includes a dynamic trust model.
This trust model adjusts information security controls and access to information based on several factors, such as the employeeâ€™s authentication method, the application they want to use, and the â€śtrust levelâ€ť of their device. It also considers their connection point. Are they onsite or on a public network? How secure is the connection? Intel IT also uses this model to decide when and how sensitive data and services can be moved into the cloud.
I find this approach pretty interesting, as it is very different from the binary security controls we have used for decades.
Do you look at information security with a layered approach to protection? Do you think dynamic controls can apply in your business environment?
#Consumerization #Security #IntelvPro