If you have listened to any news reports lately, there have been a lot of stories about IT Security, cyber security or data breaches etc. These are scary times. It is the job our IT security departments to make sure corporate data is secured and protected from the misguided and misused adventures of hackers and rogue employees. To secure corporate assets where no man has gone before. This role is very important to any organization.
I was in a meeting recently when a coworker asked the question about corporate security and if new projects are looked at and implemented with the overshadowing of IT security rather than the true functionality of an application that could really help business partners to perform their jobs better. Does this sound familiar to anyone? I am not discounting the value of keeping corporate data and devices secured but when something is basically a hardened rock that cannot function for the betterment of the end-user or business what value does it have? How do you think the business entity that may use an application or piece of hardware that is so hardened that is barely functions will use or “enjoy” the new application or hardware? Will it still server the business unit the way it was intended? Will the initial benefits of the product still be realized? If not, why is all the time, money and effort being spent to give bad experience or product that doesn’t server the end-user as it was intended.
The unfortunate part of being in IT is that you then get associated with security. I often hear statements like “well you guys lock everything sown so I can’t do anything.” End user’s don’t understand there is any difference in departments and in some organizations, if you can spell IT, you are the whole department, IT security, It application, IT network etc.
As an IT organization security cannot be discounted,yet we need to balance the efforts of applications, security, business requirements and uses. When planning these efforts, understand the business uses and needs first, document requirements, then implement security around the agreed upon requirements. Is it easy? No, but any good result takes an effort.
How Can I Help You?