Why security needs to catch up to Web 2.0 technology
Tom Gillis, GM of Cisco's security technology business unit, details the challenges security professional face as new technologies find their way into organizations - like it or not
By Joan Goodchild , Senior Editor
June 22, 2010 — CSO —
Security managers can keep blocking Facebook, refusing to support mobile devices and vetoing cloud-based services, but they aren't going away. And ignoring ways to make room for them in your security program is like burying your head in the sand, according to Tom Gillis, vice president and general manager of Cisco's security technology business unit, and author of the new book Securing the Borderless Network: Security for the Web 2.0 World.
Also read about what crosses the line from OK to not safe for work in today's Web 2.0 office
Gillis' main message in the book is that today's new Web 2.0, virtualization, mobility and collaborative applications offer huge potential for enhancing productivity and competitive advantage. But they also come with complicated new security issues. He spoke with CSO about the challenges that lie ahead for security professionals in a technological environment where the rules have changed.
CSO: Let's start by talking about the potential you think new technologies, such as mobile devices, offer organizations.
Tom Gillis: In the 1970s and 80s, I was an engineer and I used to write design memos on an IBM Selectric. When the personal computer came out, I was using a MAC SE/30. I was amazed at how quickly I could get my job done.
But when you rolled the productivity these machines offered up at the top level, it kind of disappointed economists, political leaders and business leaders. During that period, the 70s and 80s, we saw GDP growth on order of about 2 to 3 percent a year.
It wasn't until we figured out how to connect these devices, the introduction of the local area network and the internet, that that GDP shot up to 4 to 5 percent. That's what we saw in the late 90s and 2000s and it was driven primarily due to this new fluid exchange of information.
I believe, and many analysts believe, that the mobile internet will have that same level of impact. We're looking at another decade of 4 to 5 percent productivity enhancements. Companies that are forward thinking with their security policies will be able to adopt these technologies and better benefit from those 4 to 5 percent productivity enhancements better than others that don't.
When you say the mobile internet, you're referring to adopting technologies such as smartphones in the enterprise?
All kinds of mobile technologies. The iPhone was the first really usable web browser in a hand-held device, but now there are hundreds of other devices that are like it. And, as my son points out "This thing IS a computer." A user can do all the things they need to do using palm-based applications and a hand-held smartphone, instead of a laptop.