KISS: Keep Information Security Simple

By: Absolute Team | 10/16/2013

Maxim Weinstein recently wrote an article for Dark Reading about "The New KISS Rule: Keep Information Security Simple," an acronym we should all take to note when we consider IT management and security. Quoting Bruce Schneier, "complexity is the worst enemy of security," it behooves us to consider that easy-to-use and unified information security systems are going to be more effective because of their simplicity to roll out and manage.

Maxim notes, "As security professionals, we love to be in control and to have every available knob and dial at our disposal. Yet the more complex a security system is, the less likely we are to take full advantage of available features, to apply policies consistently, and to avoid configuration mistakes."

In the article, Maxim notes how Data Loss Prevention (DLP) is an area where the KISS Rule should apply. With multiple device types, workstations, servers, email systems and network gateways, it's difficult to uniformly apply rules. Some companies are managing multiple DLP systems, with individual consoles, creating a complex system that is hard to manage.

Alternatively, a DLP solution that provides all of these solutions ensures consistency while also reducing the burden on the IT department. While IT may wish for more granular control, the reality is that such control is often used improperly or not at all, so all-in-one solutions provide the most secure (and cost-effective) solution.

The article continues talking about how the desire for minute control drove IT solutions to become complex and how that is swinging back now to a desire for simplicity in the face of growing mistakes, inconsistencies and incomplete protection.

If you're ready to KISS, why not try out our solutions? At Absolute Software, we are bringing together our tools to offer the KISS approach, such as the release of Absolute Service 8.0 offering remote control and endpoint management functions in addition to our ITSM functions - a unified approach from a single console.

Financial Services