Security that doesn't get in the way

I was on the road last week, attending the RSA security conference in San Francisco, which is a great place to run into colleagues. Afterwards, I visited Disneyland, which, despite being in the same state, is surprisingly far away. What do these places have in common? Security.

At the RSA conference, I saw a lot of people I know, which made me realize how much the information security field has grown and matured. In years past, you might occasionally run across a colleague, but it was a notable experience worthy of mention and remembrance. Now, it seems as if almost everybody goes, with all of them using Facebook, Twitter and Skype as the collaboration tools of choice. I caught up with people I hadn't seen in years (and didn't really expect to see again, in some cases) with practically no difficulty. Instant messaging kept me in touch with people over great distances despite the challenges of travel. What this means to me is that technology can really make life easier, and the world smaller.

In the old days, securing our data often meant sacrificing some measure of functionality. Skype and other instant messaging services were forbidden in the company because their peer-to-peer capabilities could lead to inadvertent or intentional information leakage, and various mobile applications were great sources of concern for a security manager. Now that I have implemented real security for mobile devices, I can support this business enabler and protect my company's intellectual property at the same time. I can rest easy (in a relative way) while enjoying the advantages of mobility.

At the RSA conference, I saw many examples of new security technologies designed to make life easier and safer. To me, that's what security should do. I believe that security doesn't have to get in the way of business, and some of the emerging technologies and concepts look like they will one day change the way we think about security controls. Instead of controlling data flow through a choke point, we can now look deep into the network packets to see what's inside, and react accordingly, diverting data, blocking malicious or unapproved content, or even scrubbing out and redacting confidential content. New tools allow us to perform forensic analysis to find hidden or deleted activities on our data devices, even if people or programs try to cover their tracks, without needing to know much about the underlying protocols. And new ways of thinking about, analyzing and modeling threats will soon help us target our countermeasures on the areas of greatest risk.

Security

Disneyland has always struck me as providing a great example of my own philosophy of low-impact, high-effect security. With the use of extensive (but unobtrusive) surveillance, employee vigilance and awareness, and preparedness, Disney provides a safe environment for its customers without annoyance. I had an opportunity to attend a presentation by Disney's CSO at another RSA show a number of years ago, where he spoke about Disney's security awareness program. It was remarkably advanced, and it's still one of the best I've seen. And here at the park, my practiced eye can detect the presence of trained security staff everywhere, and I know the regular employees are also well trained and security-conscious, but they aren't getting in the way of visitors. From my point of view, they are doing it right.

This week's journal is written by a real security manager, "J.F. Rice," whose name and employer have been disguised for obvious reasons. Contact him at jf.rice@engineer.com.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

J.F. Rice

Computerworld (US)
Show Comments

Father’s Day Gift Guide

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?