Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Tivoli Lists Top E-Business Security Recommendations

From: William Knowles <erehwon () C4I ORG>
Date: Wed, 26 Jul 2000 11:16:38 -0500
http://crn.com/dailies/digest/breakingnews.asp?ArticleID=18686

By Marcia Savage
CRN
Austin, Texas
6:24 PM EST Tues., July 25, 2000

Tivoli Systems Tuesday released a list of top 10 recommendations for
lining up information security policies with business objectives.

The list shows ways that security can be used to grow an e-business
instead of being an inhibitor, says Bob Kalka, product line manager for
the Tivoli Security Business Unit, based here.

"Everyone is struggling with how to use security to grow their
e-business--we think we've cracked the code," he says.

Topping Tivoli's list is the assignment of a high-level executive to
develop and enforce security policies--a "chief information security
officer." That person should act as an adviser and go-between to the
business units and IT security staff, Kalka says.

Tivoli also recommends ensuring that security policies are "holistically
defined and enforced across the e-business, from applications and networks
to physical servers and laptops." Implementing a security policy
individually at each level could lead to extra costs, Kalka says.

Also key is looking at least six months ahead to avoid creating an
e-business security infrastructure that becomes another legacy system in a
few months, he says. Integrators need to avoid security solutions that
only support Web environments that can't work with existing applications,
Kalka adds.

Other recommendations on Tivoli's list: Beware of vendors that promise a
complete security solution with only their own product portfolio; use open
standards for flexibility and interoperability; and control administration
consistently from a central policy but allow flexibility based on business
needs.

In addition, Tivoli unveiled the development of its SecureWay Policy
Director Deployment Kit, which includes a design guide for integrating a
secure policy management solution. The kit is scheduled for limited
availability in the third quarter.


------------------------------------------------
Private information is practically the source of
every large modern fortune.       -- Oscar Wilde
------------------------------------------------
erehwon () c4i org      http://www.c4i.org/erehwon/
*==============================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".
Previous By Date Next
Previous By Thread Next

Current thread: