Security folks have been saying for some time now  that organizations need to take a long, hard look at how they think about information security. Now that intellectual property is the target of attacks, the stakes are higher. Organizations must start from the assumption that no endpoint is secure and build their security programs around that hypothesis. In this world, authentication is not enough—the underlying activities could still be malicious.

In this podcast, I discuss with Novell security specialist, Ben Goodman, how the Aurora breach has shined a spotlight on the failure of the traditional perimeter security model. The response to these threats must be multi-faceted. Ultimately, we believe the solution may lie in systems that tie together all the information available within an enterprise. Mining that wealth of information for inconsistencies, and putting a lens to the fine-grained activities that are taking place will lead organizations to broad-based user-activity monitoring. Any time a valuable asset is accessed, systems will check to see if that access is consistent with what's expected – anything out of the ordinary will trigger alarms or could shut down access completely.

What are your thoughts on the Aurora breach? Post your comments and let's start a discussion.

• Performance – by improving predictability and automating and enforcing common controls while providing transparency to business processes across the organization
• Assurance – by lowering overall risk and increasing external and internal compliance
• Simplification – by eliminating resource silos and inefficiencies and by automating the process of discovering and remediating high-risk business problems

Companies also need experienced and proven guidance to help them integrate their siloed security and compliance efforts. Since 2008, Novell and Atos Origin have partnered to deliver this knowledge and experience helping customers meet stringent security, governance and compliance requirements.

“Today's complex information security environment, combined with the pressure on budgets, requires an end-to-end approach that provides efficient solutions aligned with the business risk challenges,” says Paul Bray, senior vice president and head of global SAP for Atos Origin. “SAP's Business Objects Governance, Risk and Compliance (GRC) and Novell's Compliance Management Platform extension for SAP environments solutions combined with Atos Origin's experience in integrating large security projects in complex IT environments enable customers to improve business predictability and performance, manage risk and reduce compliance costs.”

Visit the Novell booth (#140) to see this powerful solution in action at SAP Governance Risk & Compliance 2009.  You can also attend the session, Best Practices for Integrated IT governance Using Novell Compliance Management Platform Extension for SAP Environments, to learn more.

• Date: Wednesday, November 18
• Time: 10:15-12:00
• Location: Prague Congress Centre, Prague, Czech Republic