Curt Franklin just posted an interesting blog at Dark Reading. His point is that security actually happens at three different levels: The Internet "cloud," the forboding "out there" from which most messages (and threats) come; the corporate local-area network (LAN); and the desktop. That means that enterprises planners must consider threats at each of these levels.
There appear to be two different centers of concern. On the operational level, planners must understand how protected their workers truly are by considering whether they are singly, doubly or triply safeguarded against specific threats. As Franklin says, there are scenarios in which it makes the most sense to emphasize the WAN, others at which the most prudent place to take a stand is at the entry point to the LAN, and still others where the desktop is the best battleground.
It's certainly possible to fight the good fight on all three fronts, but that raises a second question: Security costs money, so cutting some justifiable corners makes sense.
To extrapolate on Franklin's basic premise, it seems that the most effective security strategy is one in which there is a high level of coordination across the board. For instance, network access control (NAC), an approach to security that is generating a lot of attention, is based upon knitting together a group of disparate security tools.
As Trusted Network Technologies president and CEO Wain Kellum argued in a recent interview with us, the key to NAC is first carefully prioritizing the corporate assets that need to be protected and then deciding the best way to fulfill those goals. Again, the best path to security isn't the dispatching of a group of isolated "point products," but a well coordinated and planned effort.
That philosophy is taken to the next level by approaches such as security information management (SIM). eIQnetworks CEO Vijay Basani positioned SIM as a management system that can connect the dots between disparate security products and systems. Basani's point is that there is a ton of information being collected by security software, and it rests in different silos. Intrusion detection systems (IDS), for instance, are separate from spam filters. Vital intelligence -- as opposed to static data -- can be amassed by using SIM to break through the barriers between the different technologies.
Franklin, Kellum and Basani were discussing different issues. There is a thread through the commentary, however: Security works best when it is coordinated and managed across the entire system that is being protected. The cyber-world is simply too complex for piecemeal and isloated security tools to work. Savvy, holistic policies -- and the management tools to carry them out -- have never been more important.