Access "Layer 8: Debating policy vs. technology"
This article is part of the May 2005 issue of Keeping on top of risk management and data integrity essentials
Enterprises can't afford to get caught up in the technology vs. policy enforcement debate. It's always difficult to exert control over your IT systems' use. Unfortunately, many decision makers have only a dim understanding of the effects their control mechanisms have on the enterprise and their users. In Code and Other Laws of Cyberspace, Lawrence Lessig suggests a four-factor model to help security managers understand the issues that establish IT system activity. According to Lessig, user activity is shaped by policy, culture, economics and technology. To varying degrees, controls can be implemented within each factor, yet effective risk reduction is accomplished through the overlapping of these factors as synergistic layers. If you assume that control is determined solely by policy and technology without taking into account the cultural and economic factors, you'll have a classic recipe for frustration. Likewise, you can't presume that technology or policy alone will compel good behavior or policy compliance. In Lessig's model, policy refers not only to ... Access >>>
Premium Content for Free.
Desktop Security: GreenBorder Enterprise Security
GreenBorder Technologies' GreenBorder Enterprise Security Solution
Snapping on SNMPv3
The ubiquitous management protocol is more secure, but upgrading isn't simple.
Hot Pick: Polivec Compliance Management System 3.7
Polivec's Polivec Compliance Management System 3.7
It doesn't come easy when you federate identity management.
SonicWALL's PRO 1260
Big Brother's Watchful Eye
Our survey finds that enterprises are spending big on management systems to meet regulatory requirements.
- Desktop Security: GreenBorder Enterprise Security
Recent Releases: Security product briefs, May 2005
Read about the information security products released in May 2005.
Keeping the Data & Oil Flowing
When ChevronTexaco puts a drill in the ground, it must live with that decision for decades. Risk management and data integrity are essential.
Secure Reads: The Art of Computer Virus Research and Defense
Read a review of The Art of Computer Virus Research and Defense.
Instant Messaging: Akonix L7 Enterprise 4.0
Akonix Systems' Akonix L7 Enterprise 4.0
Vernier Networks' EdgeWall 7000 series
- Recent Releases: Security product briefs, May 2005
Layer 8: Debating policy vs. technology
Logoff: Let's not cheapen information security certifications
Dollars & Certs
Perspectives: Windows Server 2003 security stands up
One study concludes that Windows Server 2003 is more secure than Linux.
Ping: Bruce Bonsall
MassMutual's Bruce Bonsall
Editor's Desk: Targeted malware
- Layer 8: Debating policy vs. technology
More Premium Content Accessible For Free
In this special issue, we are revealing the winners of our Security 7 awards. This is the ninth year we've handed out the Security 7 awards, which ...
IT Decision Center
Learn how to evaluate your potential endpoint solution and its ability to integrate into your environment.
IT Decision Center
Learn the different options of endpoint protection software and how each feature helps to detect and stop malicious behavior.