Power is nothing without control

The evolution of IT infrastructure in the public sector has reached a crossroads, writes Paul Davie

Written by Paul Davie

CRN, 22 Nov 2007

Legislation and the increasing weight of personal information are forcing an increase in the
complexity of the IT systems in public sector organisations.
This potent mixture of external and internal pressure has meant that a new approach to IT system design has been necessary to meet these needs. Consolidation of resources is now the mantra and all those benefits associated with it, such as re-usability, scalability and low cost of ownership, are now standard terms in boardrooms.
The NHS Trusts in the north west of England recently announced they have streamlined document and print management services. However, consolidation does increase the risk and impact of security breaches on centralised systems.
Recent stories about more than 50 NHS staff viewing celebrity patients’ records is one of many examples of how technologies introduced for the greater good, allowing information sharing, are also an Achilles’ heel if they are not properly secured.
Historically, there has been far too much emphasis on encryption and authentication of data at the expense of monitoring what authenticated users are actually doing with the data when they are given access to it. As Pirelli’s mantra goes: power is nothing without control.
The NHS Trusts, like other public sector bodies, need to learn from the commercial world, where it has become accepted that the key to protecting information from internal audiences with inquisitive minds is in securing and monitoring access to the database with the use of more intelligent behavioural analysis technologies.
It is obvious that existing systems will only become heavier with personal information and, therefore, they run the risk of becoming a goldmine for attacks, both from inside and out.
In light of this increasing pressure, resellers and distributors should ready themselves for the opportunity that is presented.
Public bodies need help to streamline their technologies, while protecting their systems from
external and internal threats.
Paul Davie is chief operating officer and founder of Secerno.

See also:

reader comments

related articles

Ecommerce

PCI standard 'ignores' insider threat

Database security firm warns of gaping holes 23 Jun 2008

Updated: IT security survey opens Infosec

Firms could do more to improve security, according to survey on IT breaches 22 Apr 2008

Healthcare IT failing on security

Mobile working pushes up data loss risk 18 Apr 2008

latest news

Microsoft snags 63 online counterfeiters

Software giant initiates seven civil cases against UK internet auctioneers 04 Dec 2008

Exclusive: Euler scales down on Westcoast exposure

But the broadliner has claimed the reduction in cover from the UK’s largest credit insurer will have no impact 04 Dec 2008

Mann sentenced to 10 months (UPDATED)

FNS director receives custodial sentence for intention to pervert the course of justice 04 Dec 2008

More news

poll

Marketers under pressure

Marketers under pressure

Do you agree that marketing roles will be most at risk in 2009?

Previous poll results

Vendor Q&A Session: Rick Wallis, NEC Computers

Vendor Q&A Session: Rick Wallis, NEC Computers

During this Q&A session Rick Wallis, UK Sales Director at NEC Computers, talks about the firm’s reasons for committing to a 100 per cent channel strategy

In the Studio with CRN: Oracle

CRN TV catches up with Alan Hartwell, vice president of technology solutions and channels at Oracle

More CRN TV

events

Channel Expo 2009 logo

Channel Expo 2009

The UK's top reseller exhibition will return to the NEC on 20 May 2009

CRN Fight Night 2009

The channel's only white-collar boxing event is back

More Events

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

White papers

Search white papers

Top categories

Primary Navigation