eWeek: How to Alleviate the 15 Top Stressors in IT Systems

Most IT security professionals harbor a certain amount of conservatism: The enthusiasm for all things new and innovative is tempered by skepticism about…

Most IT security professionals harbor a certain amount of conservatism: The enthusiasm for all things new and innovative is tempered by skepticism about security challenges and other issues. Part of this is simply the nature of the industry; after all, it’s the security pro’s job to anticipate risks and develop creative ways to mitigate them. However, this type of caution also leads to the kind of broad thinking and blanket statements that ultimately do little to address individual security challenges on an organizational level. Broad skepticism is particularly prominent when comparing cloud security versus traditional networks. Cloud obviously brings more exposures than conventional on-premises IT. The question we should be asking is not whether there are more security challenges in all IT, but rather how we can refine our individual security postures to manage risks more effectively. This eWEEK slide show queries several highly placed security pros about what IT stressors are on their daily worry lists and asks them to explain their approaches on how to alleviate those pressures.

Stressor No. 4: External Devices/BYOD in the Enterprise
How to alleviate: Almost all enterprises have some form of bring-your-own-device (BYOD) policy because it is inconceivable to block employees from using their mobile devices, tablets or personal devices within the enterprise network. This poses a serious security risk because, once compromised, these devices might be a jumping point to the rest of the network. It is, therefore, crucial to identify, track and control access from these external devices. IP address management (IPAM) and dynamic host configuration protocol (DHCP) management enables users to actively monitor and control these devices. A well-written and enforced BYOD policy is also a must. — Andrew Wertkin, CTO, BlueCat

Stressor No. 5: Vulnerabilities in Open-Source Libraries and Products
How to alleviate: As we saw in the example of OpenSSL, which is used by almost anybody from Google to major banks, a security vulnerability in a commonly used library has an immense impact. To alleviate the risk, an enterprise should choose third-party libraries wisely to ensure that it has a vibrant community support and enough maturity to keep up with emerging security threats. Some large enterprises that rely on these libraries actually support the open-source community actively. —Andrew Wertkin, CTO, BlueCat

Stressor No. 6: PCI Compliance
How to alleviate: The latest Payment Card Industry Data Security Standard (PCI DSS) standard requires logs for external-facing technologies, including Domain Name System (DNS), recorded centrally and presented for forensic purposes. Collecting these logs and centrally managing them for compliancy is a challenge. To overcome this stressor, organizations must invest in solutions that can flex as enterprises move from the center to the edge—and are able to collect all of their DNS data centrally to be PCI compliant. — Andrew Wertkin, CTO, BlueCat

Click Here to Read Full Article

Get in touch

We’re the DDI provider you’ve been looking for.
Drop us a line and let’s talk.

Read more

Everything you need to know about shadow IT

When users implement their own solutions behind the IT team’s back, that’s shadow IT. Learn about the risks and how to manage and reduce it with BlueCat.

Read more
10 best Ansible modules for infrastructure as code

10 (plus a bonus) Ansible automation modules that anyone—from a beginner to a power user—can leverage to transform their network infrastructure to code.

Read more
How an agency IT chief innovated amid bureaucracy

Government IT innovation isn’t easy, but Chad Sheridan did it at the USDA by removing silos, earning top-level buy-in, and moving to a product mindset.

Read more
Lexmark CIO & CTO on recognizing the right use cases for AI

Lexmark CIO & CTO Vishal Gupta wades through the murk surrounding AI, explaining what tech organizations should know when deciding whether to adopt it.

Read more

Products and Services

From Core Network Services to multicloud management, BlueCat has everything you need to build the network you need.

Learn more

Read our blog

Our blog covers all the latest developments in network management, cybersecurity and DNS, with expert insights and opinions.

Our Blog