They say avoiding these practices and instigating both short and long term changes will improve security while increasing network availability and user satisfaction. The Dozen aren't necessarily new to the IT world, you might find that issues you face in your organization impact most groups:
- Shiny new object syndrome
- Culture of no
- Insufficient focus on users and business requirements
- Defense with inadequate depth
- Organizational misalignment
- Suboptimal branch architecture
- Security blind spots
- Uncoordinated policy management
- Noncompetitive vendor selections
- Hazardous network segmentation
- Inadequate end-user education
- Inadequate security event management
Many of the solutions are common sense. For example, the shiny new object syndrome, where groups jump on every new solution that appears on the market leads to a best-of-too-many-breeds environment. They have all the tools, but nothing works together. No synergy. Gartner suggests that while IT personnel are encouraged to find technical solutions to problems, just bolting on new tech doesn't always make for a better result.
Changes to policies and process and leveraging existing technology might have a better outcome. Maybe instead of jumping on something new, waiting for existing tools to integrate the new functionality could achieve a similar impact.
Some of the Dozen are mirror images, as is the case with the "Culture of No," standing in stark opposition to the "shiny new object syndrome." As you can guess, instead of going after the latest and greatest, IT groups in the culture of no make a living on maintaining the status quo, avoiding changes in technology as well as in business requirements. In the Us-versus-Them environment, risks are multiplied because the enterprise looks to circumvent IT to get things done.
Other entries in the list of twelve issues include several related to under-engineered solutions based on just checking the box while not totally evaluating the big picture and specific environment. Organizational problems can pit networking and security teams against each other, increasing the number of technical interoperability issues, mis-designed solutions and wasted money.
It's an interesting list to check out. You might just find you see bits and pieces of your organization in each of the Dirty Dozen. Not surprisingly, Uplogix might be able to help you out with a few of them. From security to strengthening centralized tools and simplifying network management with automation and giving different users the information and access they need to do their job (without snooping beyond what they need to know), Uplogix uses its position as the most evolved out-of-band solution to help you eliminate the Dirty Dozen from your IT group.