Wednesday, August 27, 2008

Successful Open Source Security Is Knowing What to Secure

Imagine the CIO of a consumer bank who thinks he is running 50 Oracle databases, but now finds out that in fact he has 100 databases installed behind his firewall. He doesn't have any idea where the other 50 came from. He doesn't know the name of the vendor(s) supporting them. And he doesn't have anyone on his IT team assigned to managing them. This scenario would be totally unacceptable That CIO would be shocked to hear that a very similar situation is happening today. But it's not undocumented databases that will surprise him. It is undocumented open source software embedded inside externally facing web and software applications.

Spend Small, Think Small

Often times the philosophy of "spend small, think small" prevails for most IT organizations. Unless an organization is adopting a large open source project such as Linux, special resources are not being allotted to the management of open source adoption.

Read More Article....

No comments: