Consolidation: a new infosec imperative
Fragmented information security systems can lead to weak spots, say experts. Consolidation of tools and streamlining of information management is needed now for proactive IT security.
Information security management needs a holistic approach, says Craig Hockley, regional director for SA and sub-Saharan Africa at McAfee.
"You need holistic protection and a high level of visibility across security paradigms in the enterprise. Addressing multiple security areas with a variety of solutions can result in weak points and areas being overlooked. You're protecting endpoints, networks, data centres, applications, Web and e-mail, mobile, and more. Now, the industry is looking to consolidation and integration to enable enterprises to manage their entire information security ecosystems in a more effective way."
The need for visibility and simplified control is driven in part by the proliferation of devices in use and the BYOD trend, he says.
McAfee's core strategy is to provide integrated security solutions to maximise protection, and it is working with its global Security Innovation Alliance partners to help facilitate this ability to integrate various tools for easier management, and ultimately, better protection, says Hockley.
Andrew Potgieter, business unit manager for Westcon Security, says information security is being addressed as point solutions, leaving weak spots in the enterprise. "Criminals will always target the weakest link," he notes. "Mobile is one of the weak spots."
Gordon Love, Symantec's regional director for Africa, adds: "The historic system-centric approach to information security is past its sell-by date. Now, enterprises need to adopt an information-centric approach.
"If you consider that 1.7 billion smartphones have shipped in 2012, and 64% of enterprises consider the risk of BYOD to be worth the opportunity, it becomes increasingly important to protect the information itself, ensuring that it never resides on the device," says Love.
Heino Gevers, senior sales engineer specialising in information security at Mimecast, believes the biggest security risk facing enterprises today is the BYOD wave, with its associated battle for control of the information on a variety of devices.
"Addressing this requires consolidation of all the electronic information on a single, scalable and extendible platform," he says.
"By consolidating all of the unstructured information from fragmented environments onto a secure local platform in the cloud, and making it available for access remotely through end-user applications of which the organisation has total end-to-end control, reduces the risks posed by cyber crime, as well as the risks to continuity of information and reputational damage caused by connectivity latency," says Gevers.
Getting a holistic view of information security in a BYOD age will come under discussion in numerous talks at the upcoming ITWeb Security Summit. For more information, click here.