Security that doesn't get in the way

I was on the road last week, attending the RSA security conference in San Francisco, which is a great place to run into colleagues. Afterwards, I visited Disneyland, which, despite being in the same state, is surprisingly far away. What do these places have in common? Security.

At the RSA conference, I saw a lot of people I know, which made me realize how much the information security field has grown and matured. In years past, you might occasionally run across a colleague, but it was a notable experience worthy of mention and remembrance. Now, it seems as if almost everybody goes, with all of them using Facebook, Twitter and Skype as the collaboration tools of choice. I caught up with people I hadn't seen in years (and didn't really expect to see again, in some cases) with practically no difficulty. Instant messaging kept me in touch with people over great distances despite the challenges of travel. What this means to me is that technology can really make life easier, and the world smaller.

In the old days, securing our data often meant sacrificing some measure of functionality. Skype and other instant messaging services were forbidden in the company because their peer-to-peer capabilities could lead to inadvertent or intentional information leakage, and various mobile applications were great sources of concern for a security manager. Now that I have implemented real security for mobile devices, I can support this business enabler and protect my company's intellectual property at the same time. I can rest easy (in a relative way) while enjoying the advantages of mobility.

At the RSA conference, I saw many examples of new security technologies designed to make life easier and safer. To me, that's what security should do. I believe that security doesn't have to get in the way of business, and some of the emerging technologies and concepts look like they will one day change the way we think about security controls. Instead of controlling data flow through a choke point, we can now look deep into the network packets to see what's inside, and react accordingly, diverting data, blocking malicious or unapproved content, or even scrubbing out and redacting confidential content. New tools allow us to perform forensic analysis to find hidden or deleted activities on our data devices, even if people or programs try to cover their tracks, without needing to know much about the underlying protocols. And new ways of thinking about, analyzing and modeling threats will soon help us target our countermeasures on the areas of greatest risk.

Security

Disneyland has always struck me as providing a great example of my own philosophy of low-impact, high-effect security. With the use of extensive (but unobtrusive) surveillance, employee vigilance and awareness, and preparedness, Disney provides a safe environment for its customers without annoyance. I had an opportunity to attend a presentation by Disney's CSO at another RSA show a number of years ago, where he spoke about Disney's security awareness program. It was remarkably advanced, and it's still one of the best I've seen. And here at the park, my practiced eye can detect the presence of trained security staff everywhere, and I know the regular employees are also well trained and security-conscious, but they aren't getting in the way of visitors. From my point of view, they are doing it right.

This week's journal is written by a real security manager, "J.F. Rice," whose name and employer have been disguised for obvious reasons. Contact him at jf.rice@engineer.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

J.F. Rice

Computerworld (US)
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?