Newsletters Welcome, Guest Log In | Register
Blogs:

Mike Vizard

IT Unmasked

Revealing the Business Value of Innovation

About this Blogger RSS

< Previous | Next >

Subscribe

Sign up now and get the best business technology insights direct to your inbox.

  • Daily Edge
  • CTO Edge Update
  • Business Tools & Templates
  • Aligning IT & Business Goals
  • Maximizing IT Investments

2

Intellectual Property Theft and the Role of IT

Posted by Michael Vizard Oct 16, 2009 5:19:50 PM

Every time there is a report of some major theft of intellectual capital, all eyes invariably turn back to the IT department. And the question that usually gets asked is that with all the money we spend on security, how could this happen?


The latest company asking this question is Ford Motor Co., which is trying to figure out how a former employee allegedly took a large amount of the company’s intellectual capital with him when he jumped ship to join a rival Chinese car manufacturing company. After all, just about every major company has invested in all kinds of security coupled with data loss prevention (DLP) software to prevent just this kind of thing.


The problem is that the way we approach data security these days is largely defined by the way IT sees the world, which is through layers of horizontal products and technologies. What IT doesn’t really have a handle on is what specific individuals have access to what kind of information because they are associated with a specific business process or task. The end result is that IT can set policies that track aberrations in the usage of specific products and technologies, but it has no idea that if a certain file is, for example, open at midnight, chances are that the file in question shouldn’t be accessed outside of normal business hours, and certainly not by the person currently accessing it.


Of course, it’s doubtful we’ll ever be able to lock down everything. But right now we don’t even know what the real risks are. We talk about the need for more identity governance, but in order to really do that, someone from the business side has to be willing to sit down with IT to determine a profile of who has access to what. Otherwise, the divide between IT and the business is only going to become a channel via which the organization's most important information is going to routinely escape.


The next time there’s a major data breach, business users shouldn’t be looking to point the finger at IT. The real issue is that the business side doesn’t want to take real responsibility for how data is accessed and used. We all know that every time one of these breaches happens, it’s because there never was a set of business policies put in place to limit who can access what, when, and how. Once you answer those questions, chances are pretty good you’ll never then have to ask about why something happened in the first place.

Related Content

Add a comment Leave a comment on this blog post.
Oct 16, 2009 6:23 PM Guest Evan  says:

This is a nice article that elaborates what many information security professionals have been telling businesses for years.  Information security is NOT and IT issue.  Information security IS a business issue!
Reply
Oct 18, 2009 10:36 PM Guest Claudia Gabriela Velàzquez Ventura  says:

Hola Mike en primera me encantaste me dejaste impresionada, eres muy atractivo, en segunda hombre intelectual pero porque no pones màs datos en tu perfil, me gustarìa conocer màs de tì y con respeto màs que de tus artìculos, en verdad me gustarìa conocer màs aùn de tì de Mike Vizard, espero que puedas, no te creas que domino el inglès pero si lo entiendo, espero tener respuesta tuya, un beso y cuidate, en verdad me encantaste.
Reply

Related Content

Browse

Topic: Identity Management

Increased security and productivity both rely on efficient identity management

Blog: Intellectual Property Theft and the Role of IT

Article: The Expanding Footprint of the Privileged Identity Management Challenge

White Paper: Buyer's Guide for Identity Administration

Related Topics

Data Loss Prevention, Intellectual Property

Featured White Papers

Browse

Software Forum: Information On Demand Virtual Experience

This interactive virtual forum presents leading IT experts providing the insights you need to turn your information into a strategic driver for innovation, business optimization and competitive differentiation.

Performance Under Pressure: The State of Enterprise Web Application Quality and Availability

This research study finds that Web application issues are an all-too-common problem and examines these Web-based enterprise application issues from two perspectives: that of an online customer and that of a site manager.

Resource Centers

Browse

Laptop Security

Answers to the ongoing challenges of the mobile office: to work anywhere, securely and efficiently.

Featured Whitepapers

Into the Wild: Managing Laptops Outside the Office

Tablet PCs

Powerful and portable computing capacity for today's high-speed, fluid business environment.

Data Deduplication

Data manipulation strategies that make data stores more manageable and reduce the need for storage capacity and its associated costs.

Featured Whitepapers

Minimizing the Impact of Economic Difficulties by Migrating from DAS to Networked Storage

Greening IT with Server Consolidation

Learn how virtualization reduces the TCO of managing your date, while contributing towards your sustainability efforts.

Featured Whitepapers

Faster, Cheaper and Easier to Maintain: Can You Afford Not to Upgrade Your Servers to Today's Advanced, Energy-Efficient Technologies?

Premium Tools

Browse

IT Manager Development Library

Learn all the basics of IT Management: budgeting, staff motivation, business planning and more with this unique eBook bundle.

Learn more >

Windows 7 Upgrade Project Kit

Moving to Windows 7? The Windows 7 Upgrade Project Kit is the ideal support tool for managing all phases of an organizational upgrade to Windows 7. The tools and templates in this kit will help you develop a strategy and map out the implementation tactics which link your Windows 7 deployment to your company's bottom line.

Learn more >