Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Architecting for Data Security

 
 

Let' Face It: We design our systems to make it easy for users to access information. And we pay much more attention to simplifying access than to ensuring that only authorized users have it.

But companies are now waking up to the fact that the value of their business is inextricably tied to the information in their core systems. And that information can leak out of core systems in much the same way water can leak out of a water heater with a two-inch hole. That is to say, quickly and in large volumes.

An information security or IT administration employee, therefore, must protect the corporate information jewels while not inhibiting access. IT has always had to balance security with usability, but typically hasn't paid much attention to which authorized users could see what information. Yet, in most organizations, most users (authorized or unauthorized) see far more data than they should.

  • 1