As I discuss IT security strategies and future architectures with clients, there are several inflection points that I don’t think many organizations are prepared for.
Are you ready for the point where:
- More non-employees access our systems and information than actual employees (To be clear – I’m not talking about consumer-facing websites, I’m talking about our internal systems and information opened up for collaboration and inter-enterprise processes).
- More than half of our employees spend the majority of their working hours connected to networks we don’t own and don’t control (airports, hotels, home, wireless, 3G and so on)
- Even on networks we do control, the majority of devices that connect won’t be devices we own or control (mobile devices primarily, but also including contractor machines, employee-owned laptops and so on)
- The majority of server workloads connecting to our network will be virtual machines, not physical machines.
Some of you are already experiencing these. All of these will challenge our traditional assumptions about information security. I’d be interested in your thoughts, including any you think I might have missed.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.