Security Is Shaping IT Pros' Roles - 'Looking ahead' (Page 5 of 6)
In terms of looking ahead to the next year or two, in what areas do you
see yourselves having to acquire additional skills or resources?
Calabrese: Our goal is to target faster delivery of service. I don't
think there is a person here with a computer at their disposal who would be
able to function through to the end of the day were that computer to be down
for any reason.
The minute one computer is down, let alone several computers, we start ticking off lost dollars. So it really is a race.
That time to response has to be shrunk, and the only way to do it is to take and apply more intelligent approaches.
What about disruptions to IT that are not the result of malice but are just
ordinary flakiness in the system? Are you finding that systems are generally
more reliable?
Calabrese: Again, as a matter of necessity, in part because of the frequent
occurrence of patching, we've had to really hammer down the standard compute
model. Of course, the downside is, if I send out an update to 2,000 computers,
I'm just as likely to kill all 2,000.
Gunnerson: On the server side, we have more of a feeling of the danger
that Frank just talked about: What, if any, of the patches might clobber the
applications we're running? The real trick on some of this is you run [a
patch] and see if things die. Or you say, "Do I really need to do that one,
or is the threat low enough that I can wait until the next patch cycle to make
it happen?"
Benincasa: On workstations, we're pretty much deploying patches as they
get released. On servers, we're normally a little bit behind the curve because
our concerns are mostly on the servers. We don't have a big-enough test lab
to test every circumstance of every application that we're running.
So, do you rely to some extent on waiting to see what happens when other
people deploy?
Benincasa: Yes, and we wait to see if there's information from the news
magazines, etc., about a patch being deployed and destroying an application,
that type of thing. You also get a fairly good feel, even though you're not
running the applications per se on the workstation, when all of a sudden the
workstation is failing, it kind of gives you a feel of how clean the patch
is.
Are you spending more time scanning and monitoring?
Benincasa: Oh, definitely.
Do you think you will continue to spend more time on these tasks, or are
tools becoming available that will ease the burden?
Benincasa: I think the tools are getting better, but I think the tools
will always remain behind the attacks because the attacks are targeting things
that no one is thinking about. We're protecting things today, but somebody will
attack something in two weeks that nobody's even thought about. I don't know
how that will ever be eliminated. I think that's the nature of it.