Security Topics - round and round we go! PDF Print E-mail
User Rating: / 1
PoorBest 
Written by Michael Felt   

This year I have been busier with security than I was in 2015 and I would like to share two themes that have been discussion points with several customers.

  • Maintenance
  • Third-Party Security Tools

Maintenance

Maintenance alone does not drive business; however, lack of regular maintenance is a high risk to continuous operations as well as security compliance. Executive level policy directing cooperation between all vested parties, e.g., business, security, networking, storage and systems is needed. All must be heard as well as hard targets with a clear "sign-off" of the requestors further responsibility when any "right of veto" is used to block normal operations.

3rd Party Security Tools

3rd Party Security Tools are expected. However, 3rd party tools should enhance, not replace OEM/OS native tools. Where the tools conflict VAR should provide options to resolve the conflict without hampering the integrity of the operatating system - just as the operating system may not hamper proper functioning of an application.


In short, I expect to see security tools above and beyond what AIX and/or POWER provide
"from the manufacturer". Likewise, I am distressed when third party tools are appiled as either:

  • "one size fits all"
  • a "magic wand"

There is no such thing in systems security. 

 
< Prev   Next >