Don't fight security cancers with aspirin
When it comes to security, we have met the enemy and it is most definitely us. That concept may be hard to swallow for a lot of people in IT, given the fact that they spend a large percentage of their time thwarting attacks from both outside and inside their company. But the truth is the circumstances that have let this situation come about are directly related to the weak infrastructure that is in place today and the inability to effectively manage end-user access to strategic resources.
The latter issue has been addressed in recent months with a wave of identity-management offerings solving two key issues that let security holes grow big enough to drive trucks through. Managing end-user access and authorization is an expensive proposition for IT organizations.
[ Read more ]