I was listening to Alanis Morissette sing with much angst in my car the other night when it struck me that the IT world is fraught with irony.
Take the recent DBS Bank fiasco, for example, banks and most financial services providers typically load their IT infrastructure with layers after layers of redundancies. And yet, it reportedly took only a mislaid component during a repair job to bring down DBS' hardy network, causing it to lay unresponsive for seven hours--seven very long hours, I'm sure, for a bank that has over 3.2 million customers in Singapore.
I had a quick conversation with some execs from an IT security company yesterday where we touched on what enterprises were concerned about with regard to security. The consensus was that most businesses here seemed more focused on the edge of the network, rather than the core. It seemed ironic, especially when you consider that many slips in the network are caused internally by human oversights and errors--as shown in the DBS fiasco.
It's the analogy security firms like to narrate, about a cautious homeowner who pays thousands of dollars to install the most high-tech home security system with movement sensors placed at every possible opening around his house--only for him to leave the frontdoor wide open for the burglars because he was in a hurry that morning.
News headlines about security breaches, software vulnerabilities and cyber attacks are commonplace these days. Data is a lot more valuable today and offers a highly lucrative opportunity for cybercriminals, so organizations worldwide know they have to invest in the necessary security tools to safeguard their critical data and corporate networks.
According to Gartner, businesses dedicate some 5 percent of their total IT budgets on security where the average company spends US$525 per employee on security. This amount varies depending on the industry the organization competes in where insurance companies, for instance, on average spend US$886 per employee, Gartner estimates.
It's clear that businesses are aware of the risks, so why do they still allow the simplest of oversight to run down their network?
Perhaps it's because we are sometimes so focused on the details that we forget about the big picture. That's probably why some of us scratch our heads to come up with the most creative password, only to have to write it on a piece of PostIT because it's so fancy we can't remember it.
It's not enough to throw dollars into beefing up a company's security infrastructure without establishing and reinforcing the necessary policies to ensure this infrastructure is properly managed.
It's also not enough to provide the dots without ensuring all the dots are connected to offer users a complete ecosystem. Google, for example, has invested much efforts and resources in fueling the development of apps for its Android platform, but it has yet to make paid Android apps accessible to most users in Asia
It's funny, too, how there's a multitude of gadgets available today that's designed to make our lives better but that also keeps us awake at night whenever it beeps to tell us an "urgent" e-mail has just come in.
Isn't IT ironic, don't you think? A little too ironic, I think.