Sunday, October 07, 2007

Data-Centric vs Network-Centric Security

This is something that I, and other computer security experts, have been saying a lot recently. The approach to IT security has to move from being focused on protecting hardware and networks, as in traditional firewalls and server hardening, to being more focused on protecting data.

Now, that doesn't mean abandoning firewalls and traditional network hardening. The idea is to combine that with other controls -- content monitoring, application firewalls and endpoint security -- to protect data both in motion and at rest.

It's the data, not the network, that is at risk. The traditional approach of protecting only the perimeter just doesn't work any more.


