Today, organisations not only use information to build their business, but they also leverage that information for a competitive advantage. The information attribute that provides an edge over the competition is the very same factor that has driven the value of that information skywards.
Trading information for gain has subsequently become the new economy. Information has become the new currency. Information is itself the target. Attached to this is the economy of also protecting that information. And if you don't want to voluntarily trade your information, cyber-criminals insist on finding alternative means to expropriate that information, with or without your consent and cooperation.
The Internet has encouraged business to open up company resources, which has ultimately placed business at risk from exploit both from within and from without. As such, information protection requirements are rapidly expanding globally. Hence, the question of who else has access to information has become increasingly a worry of business managers.
The information economy
Being one of the organisation's only unique and valuable assets is one development of the information economy driving the increased need for information protection. According to the International Data Corporation (IDC), over the next four years more than 800 exabytes will be created, accumulated and stored by organisations.
Organisations are responsible for the security, privacy, reliability and compliance of at least 85% of the information they keep. Since organisations have become more dependent on the effective use of digital information, they are also transforming their infrastructures to maximise the value of information.
By increasing the value of their information, both the protection and availability of information have become a core capability of any information infrastructure.
One could argue that exploiting digital information has been at the heart of just about every game-changing business model of the past decade. Globally, we are caught in an avalanche of digital information that will continue to grow at a compound annual rate of 57% between 2006 and 2010, according to the IDC.
Over the next four years, more than 800 million TB will be added to the digital universe. Information infrastructure is fast becoming the foundation on which organisations can implement their information lifecycle management strategies, secure their critical assets, leverage their content for competitive advantage, automate their data centre operations, implement grid and virtualisation strategies, prepare for service-oriented architectures and much more. Add to this data explosion the changing business landscape.
Today's organisations are virtual, global and dynamic, making companies more distributed and perimeters less definable. Behind this change is the underlying information infrastructure. Information infrastructures enable not only the freedom to surf the Internet, but accommodate intranets to service our own employees, as well as extranets to service business partners and customers.
Perimeter protection
The Internet has encouraged business to open up company resources, which has ultimately placed business at risk from exploit both from within and from without.
Wayne Biehn is director of products and technology at SecureData Security.
As perimeters become less defined, instead of focusing only on perimeter security, it is vital for information to be protected no matter where it resides within an organisation. Where established storage infrastructures exist, it is imperative that the storage infrastructure inherits the highest levels of security.
The two-dimensional business mandate of simultaneously securing and enabling the information infrastructure involves a shared set of solutions, services and best practices for storing, protecting, optimising and leveraging information. These are required to avoid the potentially serious risks and reduce the significant costs associated with managing information, while fully exploiting information's value for business advantage.
Security is an inherent part of every information infrastructure. Tools such as firewalls and anti-virus software build and protect perimeters. Relying solely on perimeter-centric approaches to security ignores the fact that information lives and moves throughout its lifecycle.
When data moves outside the protected perimeters we've built, it is largely unprotected - which has led to many of the breaches and losses reported globally. So while perimeter protection is absolutely necessary, information security requires something additional. What's required is an approach that's designed to secure the information itself, wherever it resides. This approach complements perimeter-centric and identity-centric approaches. An information-centric security model provides an aggregation of all the layers of security, from perimeter-centric security right through to binding security to the data object itself.
This emphasis on information-centric security has a number of top value propositions. These value propositions help with the foundation stages of information-centric security, enabling customers to implement the key technologies required to secure their critical assets.
* The first value proposition, secure enterprise data, helps customers protect their critical data, structured and unstructured, wherever it resides using technologies such as encryption, rights management, ILP, BMR including BURA and DR, digital investigation along with a comprehensive set of assessment and implementation offers.
* The second value proposition, manage compliance and security information, combines security information management software, storage and design and implementation services to deliver an enterprise platform for managing and leveraging compliance and security information.
* The third value proposition, secure remote access, addresses the most common starting point for comprehensively managing and securing user access to critical resources, with user authentication.
* The fourth value proposition, protecting online customers, helps financial institutions secure their interactions with their customers through online channels and to prevent fraud.
* Wayne Biehn is director of products and technology at SecureData Security.
Share