|
|
|
01 Aug 2005
Resellers can show how to achieve value from compliance by focusing on the broader enterprise security goals, claims Dennis Szerzen.
In recent months company directors have been reminded that a failure to comply with new regulations can and will land them in prison.
The technology pages’ recent emphasis on regulatory compliance has coincided with some high profile headlines detailing the escapades of cyber criminals around the world.
End customers seek peace of mind that organisations are genuinely committed to security because they want to be, not just because laws require them to be, and that the necessary infrastructure has been put in place to prevent information leakage.
At the end of May, Japan’s largest price comparison web portal was scrambling with the fallout of a decision to keep its web site in operation for three days with the knowledge that it had been hacked and could be feeding Trojan horse programs to visitors. A proactive whitelisting approach to stopping malware could have prevented such a scenario from unfolding, which shows how an enterprise can prepare for more than just the bare minimum legal requirements under new legislation impacting upon it.
Whitelisting can be a critical component of the fusion between compliance and security. While compliance can force businesses to embrace security stances that they ought to have in place anyway, it can also pull the other way.
Marketing hype that exploits uncertainty over new regulations is counter-productive and simply unnecessary when one considers the capabilities of access control technology and its wider implications.
Unfortunately, compliance is absorbing an increasing percentage of the budget, often without proper evaluation. Resellers can show extra value here by suggesting technology that can bridge different requirements in a single implementation.
In the minds of security officers around the world, there is a tug-of-war between the compliance-led approach and the risk-led approach. The key to extracting value from compliance is perhaps not to address it directly, but to concentrate on the broader security goals of adopting best practice frameworks and effective risk management. Resellers can put forward close access control as a method of enabling security officers to kill two birds with one stone.
This approach ultimately means that compliance can be the happy side benefit, and not just represent the business gains.
Related articles
In this video find out about the fast-growing Chinese vendor's plans for market domination and how the channel is its route of choice
Find out what gifts Acer has in store for partners for 2012 in this exclusive roundup of its recent conference
CRN's premier networking event is back on 17 May at the Ricoh Arena
Date: Thu 17 May 2012
Channel fighters preparing to square up once more on 24 May
Date: Thu 24 May 2012
The proliferation of endpoint devices within the enterprise has highlighted the shortcomings of one of the traditional approaches to data security
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Dave discovers that rozzers are seemingly living in the technology dark ages
Mark Needham, founder of distributor Widget, argues that John Browett leaves for Apple with Dixons in better shape than when he arrived
|
|
|
Do you agree?
Have your say