Premium Content

Access "Apply manufacturing management techniques to information security"

Published: 22 Oct 2012

Total Quality Management isn't just a gimmick. Its techniques are helping improve information security. After years of waiting, I've decided the profession is ready to know the truth: what we are doing is essentially a form of Total Quality Manage-ment (TQM). I know what you'll say--it's a fad, a gimmick, a buzzword that lacks substance. At best, it is a manufacturing technique that has absolutely no relevance to the practice of security. Anything that's appeared in so many airport bookstores has to be superficial, right? There are a lot of misapprehensions about TQM, so let's start with what it isn't. It does not imply a rigid and objective quantification of human activity, and it's definitely not a mechanism for the calculation of security ROI. To be fair, today's TQM owes a significant debt to the pioneering research of Frederick Taylor, whose methodical time and motion studies demonstrated things such as the relationship between the density of a bulk material and the optimal size of a shovel. While statistical controls are still important, they do not ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

    • Security services firms: When and how to choose the right consultant

      Learn when to hire a security services firm, how third-party consultants can help managers, how much it should cost and how to choose the right firm.

    • Product review: RedSeal Systems' RedSeal Security Risk Manager

      Red Seal Security Risk Manager allows security administrators to model and manage threats to corporate assets and networks. This product review looks at how the risk management tool rates in effectiveness, ease of setup, reporting and overall quality.

    • Product review: nCircle Configuration Compliance Manager

      nCircle Configuration Compliance Manager brings policy compliance and secuirty management into one centralized software suite. It provides vulnerability scanning via third-party scanners such as Nessus. This product review rates the software's ease of installation, features and effectiveness.

    • Product review: eEye Digital Security's Blink Professional 3.0 by Steven Weil, Contributor

      eEye Digital Security's Blink Professional 3.0 is a host-based multi-layered threat mitigation and intrusion prevention product for protecting Windows computers. This product reviews evalutes the software's effectiveness and management, policy control and reportinf features.

    • Product review: Unified threat management (UTM) devices

      Unified threat management devices consolidate several network security functions into one product. This article evalutes six UTM appliances; each had to act as a firewall and virtual private network and provide antivirus, Web content filtering, intrusion prevention and antispam protection.

    • SIMs maturing and suitable for mid-market

      Security information management systems (SIMs) tools have expanded with more capabilities such as active threat response. The broadening of the technology will provide security managers with a sharper view of their overall security posture.

    • Encryption key management blunders can render deployments useless

      Encryption sounds like an ideal way to protect data but key management, including accountability, training, and enforcement of password complexity, are challenging.

    • Product review: Identity Engines' Ignition Server

      Identity Engines' Ignition Server manages access controls across disparate directory services platforms (Active Directory, LDAP, eDirectory) by consolidating them into a single user store.

More Premium Content Accessible For Free