Careers & Certifications

05:00 AM
Connect Directly

Survivor's Guide to 2007: Security

This year, security pros will finally get in the groove and refocus on security's primary task: Locking down your company's assets. To get there, however, you need a formidable arsenal.



This year, security pros will finally get in the groove and refocus on security's primary task: Keeping corporate data safe. Easier said than done as insecure, albeit innovative, SOAs and Web 2.0 technologies take off like rockets in the enterprise, chased by incredibly motivated attackers. Beating developers and app vendors over the head while demanding impenetrable code may be cathartic, but it will get you nowhere. Instead of pointing fingers, look to innovative XML and SOA security appliances. Protecting endpoints will get easier as well, thanks to developments in active protection and scanning tools.

As for compliance, can we have some sanity? Rather than fighting the inevitable, embrace the spirit by reconciling internal and external security policies and postures, and welcome external auditing--face it, it's a good and underutilized practice. Yes, you'll still hear way too many product pitches that promise magic bullets. No, there isn't one, but vendors have made strides. Database protection is finally mainstream, for example. Now, you need to figure out where sensitive data resides on your network. The same is true of applications: Knowing what Web servers have been thrown up outside of IT and what data they're offering--and to whom--is a big job. Ensuring that those applications are locked down is an even larger task.

1 of 9
Comment  | 
Print  | 
More Insights
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Twitter Feed