Access "Julie Myers: Implementing an information security strategy in a decentralized environment"
This article is part of the October 2010 issue of Security 7 Award winners and the latest on effective security awareness
In many institutions of higher education, computing environments are generally characterized by some degree of decentralization, with greater decentralization in large research universities, according to a report by M. Santosus. There are certainly advantages to fulfilling the needs of individual users and groups, to the greatest degree possible, with decentralized computing environments. However, information security is inherently a central function. The information security paradigm --you are only as strong as your weakest link -- recognizes that we must be able to measure the effectiveness of information security policies, technologies, and programs at the lowest levels of the organization. In addition, since the university as a whole is the registered legal entity, the institution implicitly assumes all liabilities, including those that might be due to the lack of security in any one departmental unit. At the University of Rochester, we have learned that successful information security programs depend on mediation by someone who knows the members of the ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Nick Mankovich: Maintaining health care privacy and security
by Nick Mankovich
In the world of health care, the more we value privacy, the harder we work to protect it.
-
Information Security magazine Security 7 Award winners
Information Security magazine annouces the winners of its fifth annual Security 7 Awards.
-
Learn about database security auditing tools
by Adrian Lane, Contributor
Database administrators are overcoming their distaste for database auditing tools; compliance and security are turning the tide.
-
Brian Engle: An effective information security program requires ongoing monitoring
by Brian Engle
A successful information security program uses ongoing oversight and monitoring to manage risks.
-
Christopher Ipsen: Government transformation through technological innovation
by Christopher Ipsen
The economic crisis gives government entities the opportunity to change for the better.
-
Nick Mankovich: Maintaining health care privacy and security
by Nick Mankovich
-
-
How to build an effective information security awareness program
by Lance Spitzner
The "people problem" continues to hamper information security efforts; what can be done about it?
-
Ezzie Schaff: Fighting online fraud requires delicate balance
by Ezzie Schaff
Countermeasures for thwarting Internet fraudsters must be balanced with customer service.
-
Blanca Guerrero: Online banking security is a balancing act
by Blanca Guerrero
Online banking security requires providing users with choices in order to minimize risk without becoming intrusive.
-
Julie Myers: Implementing an information security strategy in a decentralized environment
by Julie Myers
Implementing data security in a decentralized organization requires a collaborative approach.
-
Information security market consolidation
Flurry of acquisitions in information security industry expected to continue through 2011.
-
How to build an effective information security awareness program
by Lance Spitzner
-
Columns
-
Information security risk tolerance
by Susan L.T. Neubauer
Has regulatory and other guidance missed the most important aspect of information security?
-
A career in information security is often best served by staying put
by Lee Kushner and Mike Murray
Sometimes the best job is the one you have; it's the best place to build skills and develop new ones.
-
Information security professionals offer insight
This year's Security 7 winners offer advice for tackling enterprise security challenges.
-
Information security risk tolerance
by Susan L.T. Neubauer
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...