« Entering the Blogosphere | Main | Building-in Security at the Data and Workflow Levels »

June 05, 2008

Data-centric security

Kim Addington
Chief Marketing Officer
nuBridges

For improved decision making, risk management and governance
Reflections on 2008 Gartner IT Security Summit

We all know that business data is multiplying at an unprecedented rate (along with its value to the enterprise). IDC estimates growth at between 50% and 80% annually, while the META Group says it’s closer to 100%. That means the challenges around protecting business data are growing exponentially too.

One of the themes I heard at the conference was that over the next five to eight years we’ll see security stovepipes start to get broken down – security will get integrated into the fabric of our business systems both organizationally and technically. Security products and services will become more unified. One of the metaphors Gartner used to illustrate this is the human body’s immune system and how elegantly it operates – it was an interesting vision that they admitted is years away, but they predict that the leading vendors will be the ones that start to consolidate security stovepipes into more unified products and services.

Another security trend that’s directly relevant to the things I think about every day at nuBridges is that IT needs to move in the direction of protecting workloads and information, not individual devices and endpoints.  We need to bring boundaries closer to what needs to be protected – the data, allowing businesses to break artificial boundaries that constrain business processes and the extended enterprise.

At nuBridges, we really believe in data-centric security – whether at rest or in transit. In fact, I had just finished writing some new Web site content:  “It’s time to change the way we think about data protection – the boundary isn’t the network, it’s the data itself.” when I boarded the plane for the Gartner Summit. It was good to hear that perspective echoed by hundreds of security experts in Washington (not just the analysts, but also the attendees who have to do the real work).

One term they used that I liked a lot was moving in the direction of “self-protecting resources.” My perspective is that this can only happen if the security industry gives customers better policy definition and management tools.

I’d like to hear about your company’s stance on protecting data at its source versus focusing primarily on the perimeter.  One area “self-protecting resources” can really address is concerns about internal data leakage. Is your organization looking at this today?

Talk soon,
Kim

Posted at 12:26 PM in Data security |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e55256602e883400e552d5c6258834

Listed below are links to weblogs that reference Data-centric security:

Comments

Recent Posts

Recent Comments

Categories

Archives

More...

Subscribe to this blog's feed

About

nuBridges Web sites

Twitter Updates

    follow me on Twitter