Simplicity involves two major processes: eliminating redundant elements and integrating disparate elements into a common workflow or process.
How do organizations successfully implement new technologies and processes that enable business to innovate? How does IT Security and Operations deal with a changing vulnerability and threat landscape? How do increasingly complex IT environments find that level of elegant simplicity that allows them to be agile?
One of the biggest challenges to successfully implementing IT technologies is, in most cases, not a flaw in technology but a weakness in process. That is organizations implement technologies without having a defined process to manage the deployments. Security is no longer about dropping in a new box or piece of software and letting it do its thing, from managing policy to managing threats and risk requires process to continually tune, refine, and enforce and more importantly it requires cross-organizational cooperation, in the form of workflow or process. IT Security is pushing away from reactive element and environment management to mature pre-incident measures, aligning more with business process views, and using metrics to continually improve procedural efficiencies and effectiveness. This creates complexity and if not managed results in what are perceived as technical failures. The only way to combat complexity is simplicity. So how does a complex organization obtain simplicity?
Simplicity involves two major processes: eliminating redundant elements and integrating disparate elements into a common workflow or process. Within IT there are multiple ways to find simplicity and I will post several methods for various aspects of IT Security over the coming days – stay tuned!