The use of data loss prevention (DLP) technology could finally help ensure that critical information stops leaching out of the enterprise, argued Gene Hodges, chief executive of Websense.
Efforts to lockdown devices, networks and infrastructure have failed to deliver robust safeguards, said Hodges. Instead of focussing on locking down end points, enterprises need to ensure that unauthorised agents cannot extract critical data, he added.
"You need to give up on trying to secure end points and concentrate on data, " Hodges said.
The idea that users can or should be prevented from acting insecurely is naïve and impractical, he argued.
A move towards a more information-centric view of IT security is "long overdue", argued Cisco's chief security officer, John Stewart.
Historically, IT security has focused on preventing behaviour which can be clearly identified as malicious, but today the diversity and volume of threats is so great that organisations would do better to only permit actions which are intrinsically safe, he added. "Everything else should be questioned," said Stewart.
Experts urge fundamental rethink of IT security
By Gareth Morgan on Apr 10, 2008 7:37AM