This article can also be found in the Premium Editorial Download "Information Security magazine: Spotlight on the incident response hot seat."
Download it now to read this article plus other related content.
After a year of work, Perez has achieved many of his goals: a consolidated security infrastructure, a hardened network that is easier to maintain and reduced enterprise-wide operating expenses.
Perez projects an initial savings of $2.5 million through the reduction of existing maintenance and support charges and resource distribution, among other expenses. By the time the project wraps in early 2006, United will have consolidated 22 security application servers into four in each of its 10 data centers nationwide, while supporting as many as 7,000 users.
According to Perez, the savings will be ongoing, but it's too early to project an ROI because the project's overall cost isn't clear.
"With more eyes, we have been able to see a lot of things that we never saw before," Perez says. "We really are able to provide better security now, with more people examining the logic of it."
Ironically, though, the restructuring hasn't reduced United's security head count or spending. In fact, Perez expects to add more people as United continues to address the need for compliance with regulations, such as Sarbanes-Oxley.
Perez believes that the rearchitecture project will actually keep head count far lower than if the airline had to support the decentralized infrastructure.
What he learned along the way, though, is that rearchitecting for security isn't a once-in-a-lifetime event or something forced through a crisis. Reassessing and
"We shouldn't ever be resting on our laurels," Perez says. "We should constantly be re-evaluating and reassessing our environment. We should never get complacent."
This was first published in March 2005