In-depth

Secure business transformation

Davey Winder investigates how to best protect enterprise networks and data while embracing BYOD, cloud and virtualisation.

In a rush to embrace the latest transformational business technologies, many enterprises unwittingly leave themselves, and their data, vulnerable to attack.

With the move to cloud computing applications and services, the shadow of Big Data looming large and the all-encompassing and ever-present mobility acronym of BYOD comes an escalating set of increasingly complex cyber-attack vectors. The potential for data breaches, business disruption and reputational damage should not be underestimated during transformational times. The good news is that secure business transformation is no pipe dream. Indeed, it's very much an enterprise reality for those who have taken the time to acquaint themselves with the risks and how best to mitigate them.

We have seen the aftermath of enough IT security disasters to know that while it may seem expensive to spend money to avoid the risk of something happening, the cost of not spending that money can dwarf that spend.

Understanding the threat

As transformation projects take shape and start to be implemented it is important that enterprise security is aligned with the business. If it isn't, IT will find itself in the undesirable position of playing catch up. The concern then is that the channels via which data is uploaded and downloaded to and from the corporate network will become a serious security blind spot.

"To ensure that this doesn't happen, organisations need to look beyond the de facto technologies such as encryption and move towards managing document access and availability through application controls," says Tom Salkield, professional services director at Integralis.

It's all a matter of balance if you think about it, as cyber criminals will look to take advantage of moments of security instability that are created when new business technology trends are being introduced. "It is imperative that organisations implement balanced cyber securities to mitigate against this period of instability," warns Dr.Jarno Limnell, director of cyber security at Stonesoft.

"The era of siloed security across the organisation is over. New approaches to security should incorporate pro active strategies seeking to process early signs of danger, build scenarios, enable live-testing, observe behaviour trends and be constantly updated with hackers' latest thinking, tools and methods." In other words, a holistic, 360 degree , 24/7 view over an organisation's entire system of networks, inventories, processes and events is required to enable standardisation and rapid security decision-making across the enterprise.

Striking a balance between digital risk and business reward is essential, but precisely what this consists of is entirely subjective to the organisation involved. It's also dependent on the amount of risk they are willing to take in order to accomplish a specific investment return Dr Limnell argues. "Business leaders need to be wary of the dangers of being blinded by technological innovation, which can potentially dilute strategies and ultimately cause detriment to business enablement and security planning," he adds.  

Featured Resources

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Simplify cluster security at scale

Centralised secrets management across hybrid, multi-cloud environments

Download now

The endpoint as a key element of your security infrastructure

Threats to endpoints in a world of remote working

Download now

2021 state of IT asset management report

The role of IT asset management for maximising technology investments

Download now

Most Popular

Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

21 Oct 2020
What is Neuralink?
Technology

What is Neuralink?

24 Oct 2020
Hackers demand ransom from therapy patients after clinic data breach
Security

Hackers demand ransom from therapy patients after clinic data breach

27 Oct 2020