For example, while we have deployed data leak prevention technology (that's the "DLP" in the list above) to detect when key documents leave the company, we have not enabled prevention or blocking features; we can monitor but not prevent. We also lack network sensors in every office, leaving gaps in coverage. Then there's our network access control (NAC) deployment. We have rolled that out only to large offices -- and not even to all of those -- and we currently monitor only for devices connected to the network. We haven't yet enabled the enforcement of NAC, since we're still tuning the deployment and dealing with exceptions and other challenges related to mobile devices and nonstandard systems.
On the other hand, some of our security technologies are fully mature. Our firewalls have intrusion prevention enabled and actively block malicious traffic. We also enable URL filtering on our firewalls to block access to sites that represent legal or security risks.
But when I step back and evaluate our security landscape, I realize that we're still very much in what Gartner calls the Awareness phase -- in fact, my honest assessment is that we're in the lower quadrant of that phase. My goal for 2013 is to accelerate the security program by enforcing policies, and thereby move us closer to joining that magical 5% of companies that have achieved Operational Excellence. For now, that's a pipe dream, but it's a worthy goal.
This week's journal is written by a real security manager, "Mathias Thurman," whose name and employer have been disguised for obvious reasons. Contact him at email@example.com.
Join in the discussions about security! Computerworld.com/blogs/security
Read more about security in Computerworld's Security Topic Center.