|
In most enterprises, there is no single coordinated place that security
purchasing decisions are made. That is part of the problem many businesses
are having.
A typical situation is that one groups runs the company Web servers, and
they provide whatever security products those servers use. Another group
is responsible for desktop services, e-mail, etc., and that group makes
security purchase decisions for those products. If the company has a CIO,
the CIO office will often mandate certain security products to be used,
usually without coordinating with the two groups above. Individual offices,
or even users, might procure their own security products, as well.
It is rare to find a company that has a single decision point. The most
effective
companies will have their IT support reporting to the company CIO, and they
will be responsible for all IT within the company. This includes desktops,
servers, firewalls, networks and anything else needed. In this way, they
can develop an appropriate security architecture for the company and procure
products to implement that architecture. So, the head of the IT support or
the CIO would be the decision point for security purchases.
For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Budgeting for Security
Featured Topic: Security Budgets
Executive Security Briefing: Security spending a necessary evil
|
