- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
The issue was not political, at least not in my mind. It was all about security. In the national hoopla over whether a foreign government or those under its control should run operations at major U.S. ports, I heard lots of misplaced xenophobia. I wanted to understand the security implications as they might apply to networks in a similar situation, and that took me back to 1999.
At a classified counterterrorism briefing, speaking to a room full of Pentagon brass, I opened with, "Generals, you have lost command authority of your armies." I described the implications of the military using foreign nationals to operate unclassified aspects of their global networks. The idea had been that using local individuals in overseas bases was good politics, and because the networks and information were all unclassified, what's the harm?
The first harm is that unclassified networks that supply meals and travel orders, for example, support military readiness. That is why U-boats targeted the shipping lanes during the Battle of the Atlantic. A severe compromise of a portion of our unclassified networks could be just as devastating as a breach of classified security. The Pentagon got the message and the policy was changed quickly.
What do you think? Discuss Schwartau on outsourcing.
The second harm is that if you take a bunch of unclassified data and piece it together in the right way, like a jigsaw puzzle, the resulting information could be immensely valuable to a potential adversary. This is why so many organizations are sensitive to dumpster diving and other techniques that can divulge seemingly innocuous information to the public domain. Most of us try to protect company phone books, employee rosters and so on.
The question is, how much of your infrastructure operations and security-relevant processes do you want to outsource? While thinking about the United Arab Emirates/Dubai national security parallel and the natural follow-up - "Is our network protection any less important?" - these questions come to mind:
Do you want to outsource any of your critical IT operations? If so, how do you make the distinction between mission-critical and non-critical day-to-day operations?
If you outsource, how quickly can you bring full operations back to an internal function?
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment