Lack of engagement between IT and business reduces the effectiveness of technology
Security needs much more than technology alone, says KPMG
Janie Davies
Computing
17 Jun 2008
Too much reliance on technology is causing security breaches, as IT managers are distracted from ensuring that operational procedures are effective, according to research by KPMG.
Sixty-eight per cent of executives say identity and access managemnt (IAM) projects are hindered because they focus too much on technology, neglecting the necessary organisational and procedural changes, the survey revealed.
Only 11 per cent are completely satisfied with the outcome of their IAM projects.
And the survey found that 50 per cent of IAM project failures are caused by lack of engagement between IT and the business.
Technology only plays a part in security, said Malcolm Marshall, partner at KPMG.
“The common misconception is that IAM is about dealing with 'user-ids' and 'passwords'," he said.
"IAM is 80 per cent process, policy and governance and 20 per cent technology. Recent control failures have shown that failing to get the governance of policies and process right can lead to serious security breaches.
“Frequently only the technical operation side of the system is considered," he added. "Failing to get buy in across the business for the non-IT changes these systems require is crucial.”
No comments:
Post a Comment