Helping clients manage their technology for over 30 years.

Dangerously vulnerable: 3 quick (and scary) anecdotes

How secure are the data, applications, systems, and networks your business depends on? If you’re like too many of the executives I talk to, you may believe all is well — but only because you haven’t asked the right questions.

One executive told me recently, “We’re cool; we haven’t had to touch our firewalls in three years.”

Continue reading

6 security questions to ask about your data and who gets access to it

It’s easy to tumble backwards into information security, to let yourself get sidetracked into arcane, hard-to-follow discussions about the innards of technologies and products when in fact you need to be thinking through higher-level strategy and policy.

If, for instance, you don’t actually know yet whether your business would benefit from using encryption, listening to the sales pitches of competing encryption product vendors is a waste of time.

Continue reading

Security that works starts with the right business decisions

Effective information security is gravity-fed: It starts at the top and works its way down, always beginning with a strategy explicitly designed to protect business value. That strategy then gets implemented via an over-arching security policy or plan.

Developing information security strategy and policy centers on making the right business decisions. Once you do that, what seems the most daunting part of information security — choosing the appropriate technologies — becomes much more transparent.

Continue reading