Blackberry News & Tips Newsletter
 
NEWSLETTERS
 

CIO.com updates, insights and advice on technology, management and your career.

 CIO Enterprise Applications
 CIO ERP
 CIO Insider
More Newsletters | Edit Profile
 
RSS Feeds »
 
 
LEADERSHIP
 
CIO Executive Programs
The Leader in Face-to-Face Education for Senior Executives

Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »

 
CIO Executive Council
A Peer-Advisory Service and Professional Association for CIOs

Mid-Market CIO Panel: Tips and Techniques for Improving Vendor Relationships

July 15, 4:00 PM - 5:00 PM U.S./Eastern (GMT-4)

We'll highlight relationship priorities and best practices identified in a Council study, and we'll interact with a CIO panel on the approaches they've used to improve strategic vendor partnerships.

Secrets of Successful Vendor Contract Negotiations for the Mid-Market

Sept. 10, 2009, 11:00 AM - 12:00 PM U.S./Eastern (GMT-4)

On this free public Council teleconference, Matthew A. Karlyn, attorney at Foley & Lardner in Boston, will share tips on negotiating tactics and new, creative contract terms to help mid-market CIOs make better deals.

Executive Competencies Assessment Tool

Assess Your Business Leadership Skills with the Council's new benchmarking tool. Rate yourself in change leadership, strategy, customer focus and more.

More / Register »

Learn more about the CIO Executive Council »



 
 
RESOURCE CENTER
 

buy a link »

Ads by TechWords
 
 
SUBSCRIBE TO CIO
 
Are you involved in setting the direction for your company's IT budget or strategy?

Apply today for a FREE subscription to CIO Magazine!

Subscription Services »
Reprints »

 
 
News Feature
 

Acceptable Risk

?I want every state employee to have access to the Internet.?So went Secretary of State Colin Powell?s battle cry for ...

 

By Sarah D. Scalet

January 15, 2002CIO

?I want every state employee to have access to the Internet.?

So went Secretary of State Colin Powell?s battle cry for improving the morale and efficiency of his troops upon taking office in early 2001. It may seem like a retro goal for the year 2002, but the U.S. Department of State has always had one good excuse for not having cutting-edge technology: security. In the late 1990s, the department?s OpenNet platform gave 30,000 users around the world access to a department intranet and e-mail but not to the Internet. The department was following a strict policy of risk avoidance, but now officials say it?s time for a change.

?Risk avoidance is to stick your head in the sand and say, ?We?ll be safe if we never use the Internet,?? says State Department CIO Fernando Burbano. ?We?re doing risk management now. We know how to add the additional security and how to tighten things up.? That means penetration testing in which white-hat hackers (the good guys) look for holes in the system. It also means that users won?t have all the risky bells and whistles most businesspeople enjoy, such as the ability to run ActiveX and JavaScript on their Web browsers.

Thanks to the $110 million that Powell has earmarked to fund Internet access, users will no longer have to jostle for Internet time on standalone computers. Instead of shuttling between three computers, they?ll use only two: one for classified information, and another for unclassified and ?sensitive but unclassified? information. (Well, sort of. Many users have one monitor and keyboard and use an electronic switch to toggle between classified and unclassified CPUs. The classified hard drive is removed and locked in a safe while not in use.)

Burbano says that by adding on to the OpenNet platform rather than supporting a third computer for every user, the department slashed its price per seat from $5,400 to less than $1,000.

The attitude adjustment from one of risk avoidance to risk management will be a big leap for some?especially considering the newly urgent threat of cyberterrorism, plus the department?s history of embarrassing security lapses. In 2000, the State Department had to remove from its systems software written by a citizen of the former Soviet Union, and a laptop containing classified information disappeared from headquarters.

In spite of the danger and spotty track record, security experts say the department needs to start dealing with security issues rather than just trying to avoid them. ?State needs Internet connectivity with the world to do its job effectively,? says Dorothy Denning, author of Information Warfare and Security and a professor of computer science at Georgetown University. ?You can?t be a participant in today?s society without opening yourself up to security risks.?

© 2008 CXO Media Inc.
 
 
Loading...
 
WHITE PAPERS

The Future of Financial Reporting

Finance and accounting executives must understand, adapt to, and manage the costs associated with changes: and doing so opens an opportunity to leverage this shift to better position their companies in the eyes of the investment community.
 

Offset Expenditures with Old Switches

Learn how to unleash the hidden cash in your used equipment.
 

Managing an Offshore Development Center

Since the early 1990's companies have been searching for places in the world where they can tap into reduced development costs and a better business environment.
 

5 Tips for Data Loss Prevention Solutions

RSA® The Security Division of EMC has identified 5 key considerations to help organizations simplify the evaluation process for selecting a DLP solution that is right for their business.
 

Communications Transformation Platform

The Communications Transformation Platform enables you to provide the services your customers demand - faster, cheaper and with less risk.
 

Global Change in the TV Industry

Capgemini and MediaXchange have captured key insight to the change across the TV industry.
 

WEBCASTS

Managing Client Systems in the Enterprise

Keeping client systems costs under control is just one of the many initiatives IT must address when trying to manag...
 

IT Consolidation Made Easy

The Primary IT Initiative for Reducing Costs
 

Webcast with Dan Vesset: Investing in Business Analytics Technology

What exactly is business analytics and why should you care? Dan Vesset of IDC and Gaurav Verma of SAS answer this a...
 

Capitalize on Your SAP Content

After 18 years of partnership and over 3,000 successful customer deployments, Open Text has become SAP's premier pa...
 

Enterprise Cloud Computing: Ready for Primetime?

The progression toward enterprise cloud computing is happening today, as industry leaders deploy technologies that ...
 

Preparing Your Business Services for the Future

Would you trust your network monitoring tools enough to know when something is truly halting a business service? Wh...
 

Resource Alerts

Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.

 
FEATURED SPONSORS
 
 
 
SPONSORED LINKS
 

Offshoring Risks - How Will You Stay in Control?

64-page prescriptive guide to security, compliance, and IT operations.

Get Google Enterprise Search for your business information.

Accenture IT Consulting: Enabling high performance. More...

Top Five CIO Challenges

Insight makes it easy to spend your Microsoft subsidy check.

Five minute business analytics assessment. Immediate results.

Dangerous Collaboration Practices: 5 Ways IT Can Minimize Risk

Accenture: Outsourcing for uncertain times. Click to learn more.

Keep online transactions fast with CA Wily APM

Get agile IT security with CA Security Management

Trade in your old laser printer and get up to $1000 back!

Taking the Service Desk to the Next Level

Revolutionizing Enterprise Application Deployment

Why Data Loss is Increasing--and What You Can Do About It

Data Loss Prevention: A Better Way to Approach Security

Learn how to managing client systems in the enterprise.

Build a High-Performance Open Web Platform

Mid-Sized Company CIO Community: infoBOOM!

Enterprise PBX Comparison Guide

Getting Value from Outdated Networking Equipment

Top-line Performance that's Bottom-line Efficient

White Paper: 8 Key Ingredients to Building an Internal Cloud

Read about virtualization and consolidation effort best practices

Building the Virtualized Enterprise with VMware Infrastructure

Reduce risk, gain agility. See how Progress can help your business.

Improve ROI, lower TCO and reduce energy consumption.

Introducing the new HP ProLiant G6 server family

Accenture: Outsourcing for Competitive Advantage. More...

Better spam protection with Postini for just $1/user/mo

Introducing the new HP ProLiant G6 server family

infoBOOM! - The Mid-Sized Company CIO's Exclusive Community

Accenture IT Consulting: Logical meets technological. More . . .

The Fraudster Economy Model: Operating a Business in the Underground

Payback in 9 months with CA Spectrum solutions

The Case for Investing in Business Analytics Technology. Read white paper.

Live Webinar: Applying Business Analytics. Click here to learn more

Seven Ways ITIL Can Help You in an Economic Downturn

Developing A Dynamic, Real-Time IT Infrastructure

Maximizing the Business Value of the PC Infrastructure

Communications and Collaboration Needs at Business Organizations

Using Open Source to Deploy Web Applications

Cloud Computing: Read about VMware's compelling vision & set of products

Enterprise PBX Buyer's Guide

Secondary Market Primer: Your Network at Half Price

How Interactive Viewer Reduces the Effort to Meet Visualization Requirements

Stop Application Fraud at the Source with Device Reputation

Learn about the VMware vSphere (TM) & Intel (R) Xeon (R) Processor 5500 Series

Learn how a virtualized enterprise can help your company reduce costs

Why Isn't Server Virtualization Saving Us More?