GreenPages Blog

As an IT professional, you need to stay current on all things tech; with articles from industry experts and GreenPages' staff, you get the info you need to help your organization compete and succeed!

All Posts

Avoid the Security Umpire Problem

Have you ever been part of a team or committee working on an initiative and found that the security or compliance person seemed to be holding up your project? They just seemed to find fault with anything and everything and just didn't add much value to the initiative? If you are stuck with security staff that are like this all the time, that's a bigger issue that's not within the scope of this article to solve.  But, most of the time, it's because this person was brought in very late in the project and a bunch of things have just been thrown at them, forcing them to make quick calls or decisions.

A common scenario is that people feel that there is no need to involve the security folks until after the team has come up with a solution.  Then the team pulls in the security or compliance folks to validate that the solution doesn't go afoul of the organization’s security or compliance standards. Instead of a team member who can help with the security and compliance aspects of your project, you have ended up with an umpire.

Now think back to when you were a kid picking teams to play baseball.  If you had an odd number of kids then more than likely there would be one person left who would end up being the umpire. When you bring in the security or compliance team member late in the game, you may end up with someone that takes on the role of calling balls and strikes instead of being a contributing member of the team.

Avoid this situation by involving your Security and Compliance staff early on, when the team is being assembled.  Your security SMEs should be part of these conversations.  They should know the business and what the business requirements are.  They should be involved in the development of solutions.  They should know how to work within a team through the whole project lifecycle. Working this way ensures that the security SME has full context and is a respected member of the team, not a security umpire.

This is even more important when the initiative is related to virtualization or cloud. There are so many new things happening in this specific area that everyone on the team needs as much context, background, and lead time as possible so that they can work as a team to come up with solutions that make sense for the business.

Download this free security webinar to learn more.

Comments

Related Posts

Tech News Recap for the Week of 01/13/20

If you had a busy week and need to catch up, here’s our recap of tech articles you may have missed the week of 01/13/20!

Tech News Recap for the Week of 01/06/20

If you had a busy week and need to catch up, here’s our recap of tech articles you may have missed the week of 01/06/20!

Back to the Future: 2020 Cloud Predictions from 2015

We dove deep into our blog archive and discovered a gem from 2015, "Cloud Computing in 2020: Looking into that Crystal Ball." We got a few things right and we got a few things wrong, including the circa 2015 concept of a cloud architect being an "emerging idea." I thought it would be great to write an update on where we are now with these former predictions. We asked David Jones, GreenPages' Director of CSP Operations, to go back to the future and respond to our 2015 predictions. Read his responses (in green) below! Let's just hope Biff doesn't get his hands on this article in the past, you never know what he could do with it!