I’ve found this article by Matt Hines, called “Security experts pitch culture of data” quite interesting:
“The companies that are having the most success in advancing their data security efforts today are those that are finding a way to protect sensitive information without getting in the way of business users, industry experts maintain.
In crafting their data-handling policies and selecting from the multitude of security technologies at their fingertips, those businesses that can foster both ready access to information, along with strong defenses for end-users and IT systems, are making progress the fastest, claim leading vendors and service providers.
After years of "throwing technologies" at the data security problem while juggling complex business demands along with external threats and regulatory compliance audits, some businesses are finally discovering that they can simplify the entire process by taking a more comprehensive approach to tailoring their programs to the manner in which their users access, handle, and share information. …”
It would also be interesting getting some concrete examples, e.g. how this could be achieved for identity data, where related policies dictate goals and expectations from (sometimes contradictory) business, security and privacy perspectives.
--- NOTE: my original HP blog can be found here ---
No comments:
Post a Comment