There is no patch for stupidity. L-users. PEBCAK: problem exists between chair and keyboard. ID10T error. We had everything secure, but then we had to let the users on. We have all heard the jokes.
The problem is that this mindset sets us up against the users.
Corporate security teams need less "I fight the users" and more "I fight for the users". Yes, I am quoting Tron. Here’s a clip with the iconic line:
Tron: Legacy clip on YouTube
http://www.youtube.com/watch?v=vGG5vwH7mm4&t=0m52s
Security teams protect the organization’s mission and profitability. That fundamentally means protecting a user’s productivity. Protecting IT systems is secondary. That is a bit of a mindset shift, I know, but bear with me.
What does it mean to fight for the users? It means viewing IT security breaches from the perspective of their impact on the business's mission. It means viewing IT security controls from the perspective of their impact on users’ productivity. Fighting for the users is central to business-centric risk management.