I had an interesting discussion earlier today with a customer about which security problems that exists in real life...and the ones that security vendors invent in order to sell more security solutions. His argument was based around all the "reports" about virus attacks on mobile phones. From time to time there are reports that NOW everybody needs antivirus software on mobile phones because NOW there will be a lot of viruses that will attack your mobile phone. He claimed that NOW has been going on for the last three years and we are still waiting for it to happen.
In a way I guess he is right, this happens in all industries. In my hometown Stockholm a couple of years ago , there was a company that deleted graffiti for trains...as it turned out they hired some local "artists" that painted trains in the evenings to make sure that they had business continuity.
I agree that some security issues are really not that important for all customers but in order to avoid problems companies and organisations needs to start from the right angle... and that is not to figure out which security system to buy as the first order of business. The simple answer is to find out which information that should be protected and balance the cost for protecting it with the business needs. Then it is possible to discuss how to protect the information and from whom. The last thing to do is to go and buy a security solution.
So if you are an Manager and your security people wants to buy an new security solution ...ask for a threat/business analyze or even better, make it together with them. This way it will probably be easier for everybody.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment