Information Technology Reference
In-Depth Information
always be monitored carefully to identify overly successful solutions and
apply controls or add resources to suit. The use of cloud computing host-
ing can help reduce the impact of suddenly vital new offerings by allow-
ing an expansion of network and system resources at need by simply
purchasing additional capacity. We will examine cloud computing and
other virtualization practices later in this topic.
Too much of a good thing can also be a problem when implement-
ing security measures. It is easy to make layered defenses so unwieldy
that users find ways to bypass controls just to perform common tasks.
If the password policy calls for highly complex 14-digit passwords that
change every 40 days, users may start writing down the latest version in
a convenient place. Business intelligence applications often generate the
same type of threat, as it is very easy to get lost in reports and dashboards
showing how well operations are performing when measured against how
they were doing this morning or ten years ago—regardless of whether this
information is useful to the organization.
The same can be true of security practitioners, where the ability to log
and monitor every action within the entire network can become a goal
unto itself. Too much logging and data mining can sometimes get in the
way of simpler updates and less flashy tasks that are fundamental to net-
work health. Focus in the wrong area or misplaced trust in defensive tech-
nologies alone leads to vulnerable systems and a false sense of security. It
is easy to miss an ongoing brute-force attack against a server hosting the
company's SSL-encrypted website if the fancy monitoring tools are hap-
pily logging that hits are up and encryption is in place.
Plan on Partners
Organizations are increasingly integrating external connectivity for busi-
ness-to-business (B2B) partner relationships, business-to-consumer (B2C)
automated shipping management, and mobile workspace management.
Industries may use specialized processing services or clearing houses for
data management and mandatory reporting, such as in the case of care-
giver integration with health insurance provider systems for billing and
client account management. Services are increasingly moving to an online
format, particularly with the explosion of SOA-based Web services expos-
ing applications that could previously function only within an isolated
internal network.
Search WWH ::




Custom Search