Interview with Troon Golf's Cary Westmark
This article can also be found in the Premium Editorial Download "Information Security magazine: Does security make the grade in Windows Server 2008?."
Download it now to read this article plus other related content.
Troon Golf is the third-largest golf management company in the world, with 200 facilities under management. Like most large enterprises, security is a major concern. But, for vice president of IT Cary Westmark, the security of his far-flung network and compliance with myriad regulations must be balanced with the need to be economical with his choices.
What is your biggest security challenge these days?
Compliance issues; that's what keeps me up at night. We don't have to worry about SOX per se, but we try to adhere to a lot of the regulations. My biggest fear is having a facility get fined by either the credit card industry or being sued because we're out of compliance with FACTA (Fair and Accurate Credit Transactions Act). I feel, because we don't have a lot of remote access and don't have a lot of servers sitting on the Net, that we're pretty safe. My biggest concern is there are a lot of things included in PCI that makes it really hard for small businesses to comply.
How much does unified threat management help with compliance?
A lot, for sure. Instead of having four or five devices, you have it all in one device, so it definitely makes a difference. If you're going through and trying to check off all of these boxes on compliance, it
| helps to have everything right there in front of you.
Does the idea of having all of your assets in that one box cause you any anxiety?
I was concerned with that. As an IT guy, you don't want to have all your eggs in one basket. But we were having to be frugal initially. We didn't choose UTM as much on its capabilities as much as what it cost to implement. Over the last three years now, I can't even tell you the last time we've had our firewall down.
Along those same lines, are you anxious to see more non-security companies build security into their products?
I think that it's good for companies that are making the on-premise appliances to evolve their products to provide better and stronger and more security features. I want to continue to see that. People will look at that from a cost-savings perspective.
Read the complete interview at searchsecurity.com.
This was first published in February 2008