Information Security Officers are often tempted to “monitor it all”, down to every keystroke of every employee if possible! IT departments, on the other hand, need to ensure the availability of secure and reliable IT resources, services, and operations to the company (with some “acceptable” performance, if at all possible!).
We all know that the sky is the limit for IT security management products, suites, etc. If these products are configured “tight” on the security side, their interaction with operating-system-level security management often creates a bit of a challenge. Just think of the competing monitoring traffic on the file servers... Then come the Information Security Officers (who, once again, managed to get away with their demands), asking the IT department to solve the performance problems at once!
So, how and where can we apply some common sense and make senior management listen to us as well? What are the possible baselines, or “industry best practices”?