This Content Component encountered an error

PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2010

Julie Myers: Implementing an information security strategy in a decentralized environment

In many institutions of higher education, computing environments are generally characterized by some degree of decentralization, with greater decentralization in large research universities, according to a report by M. Santosus. There are certainly advantages to fulfilling the needs of individual users and groups, to the greatest degree possible, with decentralized computing environments. However, information security is inherently a central function. The information security paradigm --you are only as strong as your weakest link -- recognizes that we must be able to measure the effectiveness of information security policies, technologies, and programs at the lowest levels of the organization. In addition, since the university as a whole is the registered legal entity, the institution implicitly assumes all liabilities, including those that might be due to the lack of security in any one departmental unit. At the University of Rochester, we have learned that successful information security programs depend on mediation by someone...

Features in this issue

Columns in this issue