It’s amazing how cloud computing has come to take over a growing number of critical tasks normally handled by IT departments. Unfortunately, it’s not so amazing to IT security workers, who are in great danger of being left in the dust. For computer security professionals, cloud computing could be the one thing that puts them out of a job.
There’s still hope however. IT security professionals may have to live with some of the ongoing changes presented by the cloud, but they can remain in control by reevaluating how their organization uses its technology.
A Savior in Configuration Management
Configuration management could be the very thing that saves IT security personnel. The need to keep employer data safe is something that is understood by cloud providers, but the overall practice still leaves plenty to be desired in a variety of areas.
Whereas cloud providers take a somewhat distanced approach to security, configuration management means taking a more hands-on approach, namely by keeping tabs on the software and hardware used throughout the organization. IT security professionals are also tasked with monitoring application use on each employee’s computer.
At first glance, configuration management seems like a hard pill to swallow due to the deep level of understanding required of the enterprise’s operations, choices in technology procurement, and personnel.
On the outset, it seems much easier to let cloud providers take the reins when it comes to security issues. However, this leaves the door open to data breaches and other security setbacks that could prove time-consuming and expensive to resolve.
Proving Worth
As with any sort of change, the hardest part is stating an effective and compelling business case for configuration management. That means demonstrating to business executives how effective it can be when compared to putting cloud providers in the driver’s seat.
For starters, a move towards configuration management can help enterprises better manage their vulnerabilities and prevent catastrophic oversights and mistakes from happening. One such example involves understanding software choices and usage habits among employees. This can help IT security professionals pin-point and flag activities that are out of the ordinary.
Showcasing the potential cost savings offered by configuration management can also help drive the point home and garner interest from top management. For instance, mentioning the potential costs of cleaning up malware on computers left exposed by a lack of a configuration management plan can help bring the benefits into focus.
In the end, configuration management means that IT security personnel can maintain a non-trivial level of control over their infrastructure and perhaps even reduce overhead costs in the process.
