“Availability vs Security” OR “Security vs Availability”. To be or not to be… All or nothing…
Here is the dilemma: When everybody in an IT department is taken hostage by a single (!) junior (!) Information Security Officer (already a bad practice but let’s admit it exists in many companies) decides to go wild and act as the sole responsible for approval (in fact disapproval) of each IT decision, interferes with the IT services and operations, starts policing all IT work, and knows only “NO” word, what do you do, what are your options? He indeed does his work “well” compared to the “poor performances” of his colleagues from the IT department! Furthermore, he reports directly to the company CEO!
Let’s see who will take this challenge. Some good references are also welcome.
