In any absolute sense, experts say, the answer to the critical question above is simply No. But enterprises that depend on IT today--and which of them doesn't?--cannot allow this daunting prospect to undermine efforts to provide a secure IT environment.
What's more, security is getting more worrisome, not less. Wholesale use of the Internet has increased the risks, as companies and government agencies open up their information lodes to the world. Almost no one suggests that organizations can compete by doing otherwise.
Where does an organization start in building a secure foundation for its IT? It is a holistic problem, without beginning or end. Without secure communications and a secure IT infrastructure, other efforts may be merely cosmetic. Without a belief in the value of security in the minds of nontechnical users and management, a solid technical implementation may be wasted.
And, like nearly everything else, security involves trade-offs. How much of it you need versus how much you are willing to pay for it; and how great an impact on system performance and flexibility you are willing to accept are two of the toughest choices.
In trying to address some of these issues, this month UniForum's IT Solutions presents a pair of articles on topics that must be considered together as well as on their own merits.
Integrity: Keeping IT Pure deals with unauthorized modification of system and network software and data files. Every level of IT, it seems, potentially is subject to changes whose results can range from annoying to disastrous.
Confidentiality: Keeping Data Almost Private points out the importance of assuring that information be shared only with those who ought to see it. Everything from consumer confidence to national security may depend on it.
Another feature, Leveraging Databases Through the Web, presents a good example of why these issues are so potent. The competitive advantage that can accrue from allowing outside users to access information stored in company databases is powerfully attractive, but imagine the risks of doing this incautiously.
As always, our features are intended to provide solid information your organization needs to know to face today's challenges. Please let us know how well they succeed in that mission.
--Jeffrey Bartlett