Gartner has just released its annual security planning guide, the 2015 Planning Guide for Security and Risk Management. The guide reflects the need to scale and adjust both risk management and security practices to meet the current and future needs of both IT and the business.
As the guide discusses, many risk management programs are out of date, with security and compliance falling farther and farther behind. When companies become entrenched in “traditional security patterns,” it becomes harder to catch up with the changing security landscape.
The report guides you through how to conduct a risk assessment and how to choose your security controls. Particular attention is paid to the 'Nexus of Forces,' which is defined by Gartner as "the convergence and mutual reinforcement of four interdependent trends: social interaction, mobility, cloud, and information.” These forces both empower individuals and the way they work but also have security implications that must be dealt with.
“Loss of control and visibility will continue in the Nexus of Forces, with mobility and cloud leading the way. But with compliance still often equating security to having control, this leads to challenges in adoption of these now not-so-new technologies."
The report suggests the importance of logging and monitoring activity, with reporting and post hoc investigations of events as must-haves. Real-time insight, alerts and enforcement are all key to effective security plans.
When it comes to securing the endpoint, and the data contained within, Absolute persistence technology provides a reliable connection to ensure compliance. Whether it’s monitoring or securing devices from a single console, creating custom alerts and policies, or proving chain of custody or when criminal activity is suspected, we have you covered. Learn more about Absolute Data Security here.