IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

Information security in today's IT environment

April 17, 2006

At the very root level, information security (IS) is defined as ongoing and concerted efforts to help protect the transmission, the overall quality and the ultimate storage of data, from potential internal and external threats of all kinds.

Such potential threats can range from Internet attacks and natural disasters to viruses and worms, hostile intelligence-gathering and even biological attacks of many types.

Information security must protect all types of data and their underlying applications, their networks, its equipment, data centers and various facilities, as well as IT and personnel.

Information security and protection must also extend across governmental units and various contractors and outsourcing organizations.

It is generally accepted by a wide range of industry observers that a disaster can ultimately cripple our ability to deploy military, first responder and law enforcement resources, maintain vital services, issue drivers licences, and even collect taxes.

At the same time, security and other reviews have highlighted gaps and weaknesses in capabilities to protect computers, communications and data. To address these shortcomings, government units must take immediate steps to identify information security threats, protect IT resources and ensure continuance of operations.

Both the private and public sectors are now emphasizing information security. However, information security in the public sector is complicated by both the ramifications of an attack and an abundance of disparate heterogeneous systems within and among government units.

While the private sector can limit access, many government units are required to provide access to public services.

The drive toward intergovernmental and departmental information sharing, especially among law enforcement agencies, also makes it harder to balance access and security.

Information superiority, or the gathering, analyzing and sharing of relevant information, facilitates the timely and effective deployment of our defence resources. In order to meet these demands, organizations are turning to an information infrastructure solution, honing in on three critical elements – consolidation, control and continuity – to more efficiently deploy and manage resources while quickly responding to adversity:

Consolidation
The consolidation of servers and storage allows for significantly higher utilization rates. Consolidation reduces the amount of storage a company needs to buy and manage and allows staff to spend less time juggling complexity and more time driving the business forward.

Control
An IT organization’s ability to manage complexity through centralized storage management enables it to “automatically” control its many devices, quickly execute tasks and assign processes across the entire heterogeneous environment. Leveraging powerful management tools to simplify storage administration will determine whether or not an organization can meet or exceed its agreed upon levels of service.

Continuity
Protecting information assets through robust business continuity can reduce the risks inherent in having numerous points of control and back-up devices. Once the above consolidation and control capabilities are in place, continuity steps in to measure and protect information while guaranteeing the safety and security of both local and remote information.

A networked storage solution sets up a single unified infrastructure that accelerates the flow of information and breaks down any barriers between diverse technologies and stove-piped infrastructures.

What’s more, it can enable IT managers to build an infrastructure that will ensure survivability and resilience by including:

Information centricity
Allows for the consolidation of information throughout the enterprise into central locations, enabling IT managers to leverage information, rather than merely managing technology. Without consolidated and shared information, an organization cannot fully meet its goals and objectives.

Heterogeneous connectivity
Unlike traditional server-based storage, an advanced information infrastructure stores, retrieves and connects to data from all major computing platforms including: both mainframe and open systems environments, networks, file servers, web servers and management interfaces.

Cascadability
Enterprise storage is cascadable, meaning it can be re-assigned over time so that it is a re-usable and non-obsolete resource, ensuring that information can be utilized – even when applications or other IT equipment are discarded, upgraded and replaced.

Information management
A common information management environment simplifies tasks and provides a centrally managed point of control. For example, it enables seamless backup and restore capability, and delivery of user performance data for every platform, while driving the standardization of IT processes throughout the enterprise.

Information sharing
Advanced software intelligence bridges stove-piped mainframe and open systems environments, allowing information to be shared without depending on traditional IP network based techniques.

Source: IT World Canada