“Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.”
Bruce Schneier, Schneier on Security
It would be an understatement to say that information security has become critical and incredibly complex. Who can blame us with so much at stake — from credit card numbers to state secrets to intellectual property? But as we amass more information and ways to access it than ever before, are the layers we’re putting in place to secure it creating unnecessary complexity, maybe even chaos?
So far, in our modern information management blog series, we’ve discussed information overload and how to overcome it, as well as using AI to uncover insight and drive automation. In this blog, we’ll examine how we can simplify cybersecurity while enhancing our ability to detect and protect from threats and recover from incidents.
More data, more vectors, more risk
According to a recent study commissioned by OpenText, storing and governing access to data in a secure manner is a top information challenge for organizations large (40% of respondents listed it) and small (54% said so).
Security becomes a greater concern as we generate, collect, manage and share more information because it’s incredibly valuable. For example, if information contains intellectual property or personal details, then competitive advantage and trustworthiness are at stake. Risk of data theft or data loss are obvious concerns, but there’s also risk of failing to maintain adequate governance of incredibly complex and interconnected data sets, which can quickly lead to noncompliance and harsh penalties. On the one hand we need as much relevant data as possible to fuel our digital businesses with insight, but on the other hand, when we amass more information we significantly increase our vulnerability.
It’s not just information that is growing in volume and complexity. It’s also who is accessing it, for what reason, through what device, and in what geography. Users want access to information faster than ever before, anywhere, on any device, contextualized to what they’re trying to accomplish. This translates to increased attack vectors for bad actors, complexity for security professionals to manage and risk of human error in handling information properly.
A simple solution
The adage “There’s no such thing as 100% security” reminds us that no matter how many layers of technology, policies and rules we add, there is a human factor that will always add variation and vulnerability. That fact alone makes a case for simplified security.
“One of the things that I would tell people to do is to create security solutions that are not going to add more complexity. If we’re putting another fifty silos on existing systems because of security…we’re not really solving the problem,” said David Linthicum, technology futurist, author and Chief Cloud Strategy Officer with Deloitte Consulting, during a recent CIO webcast. “Fit the security systems in there in terms of how we’re managing and orchestrating the movement of information. It should be modeled as a very logical plan … (instead of) throwing technology at the problem.”
Simplicity comes when the level of security, access and governance applied to information fits its nature, the use case and the individual or application accessing it. Simplicity also means automating repetitive or monotonous tasks for users – security professionals and end users alike – to avoid mistakes or cutting corners. For many organizations, this ends up creating vendor proliferation and integration challenges, as more point solutions are needed to suit each unique scenario, vulnerability or connection point.
To better protect, detect and rebound from attacks, security should be comprehensive, highly integrated, automated and embedded in everything from code to core to cloud. And by consolidating security vendors, you can simplify the management of your security thereby reducing the risk of a breach, data loss or non-compliance.
Modern information management
Effectively protecting data sustains competitive advantage and builds trust with stakeholders; it should be an integral component of every system in an organization. When security is intrinsic and in context, highly integrated and automated, complexity and the risk that comes with it can be minimized.
Simplified security is a key enabler of modern information management, which combines advanced technologies and innovative cloud strategies to connect data, secure knowledge and apply intelligence for any user, any data type, anywhere, at any speed, for any rules. Organizations that take advantage of modern information management routinely apply simplified security to solve their business challenges and achieve digital success.
OpenText solutions protect information at the scale that today’s businesses need, helping them to work smarter and gain the information advantage. Learn more about how your organization can benefit.
Read the other blog posts in this series on modern information management:
