From the CSO’s desk
Balancing act: people & technology
Kris Rowley
CISO, state of Vermont
budgets being chipped away network. There is also a grow-
in the name of cost savings, ing mobile workforce, which
A
onals,
s security professionals, technology solutions are usu- brings its own unique set of
e
our job is to assure that ally the first to be eliminated. security hazards. Unencrypted
the information andnd Also technology solutions can USB drives, laptops, PDAs
data we are entrusted to pro- be breached, undermined and and other devices are also
ty,
tect maintains its integrity, is worked around by those savvy an increasing threat to
available and confidential. al. enough to do it. information security.
But in these times when en In other words, technol- Some say information
budgets are tightening, ogy, while necessary in our security can be achieved,
companies downsizing, data high tech, web-centric world, with enough technology.
breaches making headlines nes is not the be-all and end-all Many users take that
and large businesses los- - when it comes to computer stance. End-users often-
ing credibility, how do we security. It certainly is criti- times feel that they are
?
approach this challenge? Data cal to have secure firewalls, “safe” on the company
sue
security is a multifold issue intrusion detection systems, networks because of the
with a layered solution. Even spam guards, etc. However, security measures that
with all the layers, there are all the network security in have been put in place.
oss.
still data breaches and loss. the world isn’t going to keep So, the bottom line is that
We can write policies that networks safe if employees keeping information security
state the best practices, rules are not properly trained. in front of employees is essen-
ng
and regulations regarding data For example, according to tial. The use of posters and
ong
protection. Actually, strong a recent study, human error