By Colin Bartram, Director of Technology, Vector Networks (Page 2 of 6)

Bridging Desktop Management and Security

We have visited large and sophisticated network sites where the two departments, security and desktop management, were clearly highly competitive – fighting for money, kudos and anything else they could scrap over. Which came first – security or desktop management? Did security departments evolve because the systems and configurations being deployed by ‘IT’ were inherently full of holes? When the only way of removing volumes of confidential data was by packing reams of printouts into the briefcase night after night, what was the need for a security department? The problem of data theft has existed since floppy disks were invented, but a USB memory stick fits in the pocket more easily than a floppy disk ever did. Increasing numbers of people working in mobile mode make someone walking out of the office with a laptop a common occurrence.

Today the lid of the Pandora's box of asset and data security is well and truly opened and it's hard to see how it is going to be shut again any time soon. Dealing with the evil spirits flying out of the box is largely a challenge for those charged with security. It is easy to say that the lid should never have been taken off, but could it ever have been kept on?

  • How could we prevent data being written to removable – even just ‘movable’ – media?
    • o Unless totally server based, with thin clients, no local data storage on any form of device, any ports blocked, and perimeter and network access management checking any system that connects to the network.
  • Uncontrolled movement of media
    • Tracking of every media device, prevention of an ‘unauthorized’ media device being connected in the first place.
  • Data movement without media - emailed to anyone, anywhere
    • Very strict email and content regulation – but how practical is it to distinguish a legitimate spreadsheet from a non-legitimate package of data.

One thing is certain: minimizing the risk to the organization requires the two departments – Security and Desktop Management - to talk. They already do, as necessitated by day-to-day operations, because Security needs desktop management to deploy security products and maintain their configuration, but cooperation could be a lot stronger and a lot more strategic.

The introduction of a locator technology can be the catalyst for more strategic cooperation. Without exception, the situations into which Vector has introduced RFID through one of its industry partnerships have been security driven. Expenditure is justified in part on the basis of the horrendous consequences of confidential data loss, and also on a more straightforward assessment of the reduction in the total costs of replacing lost assets. (Gartner assessed in September 2004 that a single mislaid laptop can cost a company more than $6,000 for hardware, software, user downtime and restoring data – assuming it was backed up in the first place.) However, when the concept of current asset location, and location history, is presented to those responsible for delivering the Change, Service, Incident and Configuration Management processes, the adoption is usually immediate. Let's look next at why that is.

Next page: ITIL – the role for Location Information »

« Return to the start

Old content, visit our new web site

You are viewing an old web page, please click here to view our new web site with our latest products and content. If you'd like to continue reading this content, please click here but be advised some details might be out of date.

Software Asset Management

IT Asset Management

IT Service Management

PC Remote Control