Securing The Enterprise - Identifying Sensitive Data

Several months ago, I wrote a post about the Top 3 Mistakes in Data Loss Prevention (DLP). In that post, I mentioned that the typical (and logical) first step for all DLP programs was the ability to identify and classify sensitive data. But that sounds a little easier than it often turns out to be. There are a number of reasons why sensitive data identification can be tricky, here are just a few of those: Many organizations don’t have well documented...

Read More

Why Every Enterprise Needs a Hybrid Cloud Governance Strategy

Over the past five years, I’ve had the opportunity to work with more than half a dozen Fortune 500 clients as well as several government agencies in various contexts. There is one thing that every one of these organizations had in common – all of them needed a Hybrid Cloud Governance Strategy and none of them had one. I’m sure that there are a few organizations out there that have tackled this already, but if there are, they’ve certainly jumped...

Read More

Understanding Security Controls

Security Controls sound a little bit menacing upon first hearing the term, however there’s nothing scary about them – that is unless you have a large organization that doesn’t happen to be using them. Let’s start with a definition: A Security Control is a specified behavior, process, configuration or capability – or combination thereof – designed to counter specific or non-specific technical threats to an information environment. Now, there are...

Read More

The IT Architect as Honest Broker

What exactly is an Honest Broker? Sometimes the term is heard in the context of political discussion, however the phrase applies to just about any field of endeavor. The role of Honest Broker refers to someone who applies their expertise in a fair and unbiased manner and more importantly communicates that expertise forthrightly without fear or concern for potential reprisal. Another way to think about the role is that the Honest Broker is the polar...

Read More

The Top 7 Reasons for Data Governance

In the Age of Big Data, many people might think that the practice of Data Governance is a thing of the past – nothing could be further from the truth. Data Governance has often been misunderstood or underappreciated and relatively few organizations have taken the time and made the investment to integrate it into their enterprise processes. So, there are actually several questions that need to be answered here: Does the de-normalization of data...

Read More

The 5 Principles of Performance Engineering

One of the tasks an IT Architect is typically assigned with is reconciling infrastructure and application needs, this holds true for the Cloud just the same as on-premise solutions (and all Hybrid variations of the 2). This type of reconciliation is typically referred to as Performance Engineering. Performance Engineering is seldom a one-off activity, although Architects tend to get involved during crucial junctures such as planning phases or...

Read More