Think of Security as More Than a Cost Center

 
 
By Cameron Sturdevant  |  Posted 2001-11-19 Email Print this article Print
 
 
 
 
 
 
 

Intrusion detection and security management is rightly seen as a cost center, but with the right blend of tools and imagination, the costs can be leveraged to reveal significant performance management gains.

Intrusion detection and security management is rightly seen as a cost center, but with the right blend of tools and imagination, the costs can be leveraged to reveal significant performance management gains.

At eWeek Labs, weve seen that most of the products that provide security services—including detection and nearly every analysis tool—are based either on packet-sniffing technology or on log-file analysis.

These pure security products can help IT managers with more than security. Reports that show if systems are receiving the latest security updates will show a pattern that can reasonably be extended to other maintenance operations. For example, Symantecs Enterprise Security Manager can report on the status of its agents scattered throughout the enterprise. Even a cursory glance at this report can provide IT managers with clues as to the current configuration of the systems, in terms of performance patches, because security updates often require that the latest system patches be in place to work correctly.

In eWeek Labs Special Series on IT security, we recommend that systems be configured with as few services as possible. Simplifying system configurations—and, for that matter, infrastructure devices—means fewer "moving parts" are exposed. It also usually means systems are easier for technicians to maintain and upgrade.

In securing systems, we also gain a better understanding of how they work and how they can be tuned to perform more efficiently. This is especially true of devices such as routers, in which even a few minor changes that reduce the number of security exposures on the system, such as turning off unneeded protocol support, can result in surprising performance improvements.

Finally, planning and carrying out a comprehensive security plan requires a re-examination of the entire IT layout. IT managers can recycle and update blueprints that were used to prepare for Y2K remediation as the basis for putting together a security plan. Recycling plans, squeezing more information out of security reports and simplifying configurations can take the edge off the cost of defending the enterprise.

Senior Analyst Cameron Sturdevant can be contacted at cameron_sturdevant@ziffdavis.com.

 
 
 
 
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at cameron.sturdevant@quinstreet.com.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel