Does Security Know the Company is Already Embracing Agile IT?
An interview from RSA 2016 with Jon Oltsik of the Enterprise Strategy Group on how security needs to adapt to keep up with the development side of the business.
Join the DZone community and get the full member experience.Join For Free
Originally Posted on CloudPassage
“The security company needs to know the company is embracing agile IT,” said Jon Oltsik (@joltsik), Senior Principal Analyst, Enterprise Strategy Group, in our conversation at the 2016 RSA Conference in San Francisco. “[Security] needs to adopt their processes and their technologies so that they’re flexible enough to keep up with agile IT.”
“The primary trend we see is companies trying to use their existing technologies and processes for cloud, for agile IT. That makes sense. They’re trying to get ROI on the tools that they know. But typically that doesn’t work,” added Oltsik, who advises companies to look at what they have, but also what they need to adjust in a new agile world.
There is not one new environment, said Oltsik. It’s a heterogeneous environment and you need tools that can operate in this kind of environment both on-premise and off-premise. You don’t want security controls specific to one environment, but rather security controls that can adapt to all the changes that are happening in the hybrid environment.
When we talked about microsegmentation, Oltsik said we need to have segmentation policies from workload to workload. Ask yourself, “What is the workload. Where is it? What does it need to talk to?” This is a completely new way of thinking about security that companies really need to adopt.
Published at DZone with permission of Tatiana Crawford, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.