Access your Pro+ Content below.
Risk management must include physical-logical security convergence
This article is part of the June 2009 issue of Information Security magazine
RICH GRASSIE is IT's version of a matchmaker. Many times he's united people you'd think on the surface would have no shot at a sustainable relationship. But Grassie knows how to connect disparate entities, especially when he hitches those guards with guns to geeks guarding GUIs. Converging physical security with IT security inside the enterprise isn't easy, but it's a labor that Grassie, principal consultant with TECHMARK Security Integration of Massachusetts, says is worth the bother, especially for large companies branching out globally with new services. Convergence affords organizations the opportunity to align security with overall business goals, streamline business processes such as provisioning and investigations, and centralize security operations and policies under one office. There are significant barriers to these unions; political and cultural disputes are often the tallest to hurdle, and companies cannot ignore the integration required to get a central view of physical and logical systems. "We look at it as a ...
Features in this issue
One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.
If your organization is serious about managing risk and total asset protection, then physical-logical convergence is a necessary step.
Vendors loosely using the term cloud computing are causing confusion for users in the market for buying and securing these services.
They've come a long way from the early days of log aggregation and correlation; enterprises now glean value from SIMs for compliance, visualization, and even overall business intelligence.
Columns in this issue
Cloud computing carries risks that enterprises need to weigh before they forge ahead.
The economy is forcing organizations to be more resourceful and bury the hatchet. And that's a good thing.