Security Best Practices, Linkous-style
September 25, 2009
Secure Your Stuff or you'll be a pillar of salt
eIQ’s own security and compliance evangelist John Linkous took some time to step away from his bully pulpit to contribute a list of practices for Linda Musthaler’s Network World column. Although he’s no Jim Bakker, John can sling security fire and brimstone with the best of them. He provides some good food for thought for any security professional. Check it out and be converted.
The Not So Easy Button
February 26, 2009
Customer profiles in the tech press are usually pretty enlightening. First of all, it’s pretty hard to get any customer to talk about what they are doing from a security standpoint, so they usually have something decent to say. Additionally, this profile on SearchSecurity had to do with log management, so of course it was of great interest.
The customer (from Visiting Nurse Service of NY) did a great job of discussing the issues with his first vendor, who was evidently pretty unresponsive to his calls for help in configuring the device effectively. I guess big companies can be like that.
So he then proceeds to roll out a new environment, using a dedicated log management device and another separate device (actually two of them) for SIM/correlation functions. And that is easy? I get that it can help solve the problem, which is both security operations and compliance, but it would seem to me there has got to be a better way than to pay twice for what should be included in the security and compliance management platform.
Hey, if this guy wants to pay *more for less*, that’s his business. But in this kind of economic environment, the idea of an integrated platform provide both SIM and log management (and configuration assessment, performance monitoring, as well as network behavioral analysis) provides a much stronger value proposition and is far more in line with the cost containment mentality we all need to stay focused on.
Photo credit: mag3737
