IT’s control freak security mentality is starting to unravel
The big flaw in conventional thinking on information security has been exposed now that IT is losing direct control over enterprise computing.
For years, IT has made the mistake of equating ownership with security, according to analyst firm Gartner. But with staff increasingly using their own devices and non-IT functions buying cloud services, the failings of that assumption are clear.
“It’s not about ownership and control. That worked in the past because we owned everything. We don’t own everything and we need new models for trust and trustability that do not rely on direct ownership,” VP and Gartner Fellow Neil MacDonald said.
“In fact information security was never about device lockdown, or dictating applications or building firewalls. It was always about protecting the confidentiality, the integrity, the authenticity, the availability of information. That’s our job,” he told an audience at last week’s HP enterprise security event in London.