A successful Chief Information Security Officer (CISO) understands that business risk, and the business attitude to risk, are key drivers for a strong IT security strategy
A successful Chief Information Security Officer (CISO) understands that business risk, and the business attitude to risk, are key drivers for a strong IT security strategy. A strategy that can balance acceptable risk,measured in terms of real business impact, while responding to business needs across a 24 or even 36-month outlook is a true value add;implemented in the field and recognised in the boardroom.
Today, there are two major trends confronting the CISO: consumerisation of IT and the advent of cloud services. These two trends feed each other in a positive feedback spiral, with the explosion of mobile bring your own device (BYOD) users consuming ever more cloud-based services that span consumer and business applications
The challenge, therefore, is to understand the business risks in comparison to the potential benefits of such trends in order to reach a desired balance. And a fundamental outcome of risk management is the IT security strategy.
The business opportunities of consumerisation and cloud are well documented, if not well understood. Cloud-based service delivery presumes a pay as you go (PAYG) charging structure that gives access to elastic compute and storage resource that is either hosted within the private enterprise domain, the public domain or is a mixture of both, known as hybrid. The BYOD phenomenon makes use of the IT-savvy workforce and increases productivity through immediate and effective access to services. The combination of consumerisation and cloud allows previously unattainable levels of business agility. Users now have instant access to a rich mix of social and business applications, independent of the storage and processing power of the end device, and from any device in any location.
However, the combination of increased mobility of the user, un-managed devices and the virtualised data centre - from which cloud services are delivered - leads to a number of security challenges not previously experienced by the enterprise or service provider.
At the highest level, there is a need to deliver clean clouds, which can be understood as an attack-free zone to host and provide services in both the public and private domains. The next step of the challenge is to ensure that the largely un-managed devices accessing on-demand services are infection-free and can connect securely, without compromising data in transit.
Juniper Networks delivers innovative network security technology that underpins clean clouds. Juniper’s integrated portfolio of software and appliances combine to create an end-to-end cloud security architecture. The architecture is built on the premise of simplifying the delivery of secure cloud services, establishing attack-free zones within the virtualised data centre and ensuring the secure connection - and infection -free status - of mobile and fixed devices.
If you are eager to unlock the value of IT security - in the cloud, on the move, anywhere - for your business, you should be talking to Juniper Networks. You can find out more at: www.btengageit.com/juniper