Today, as product teams are under intense pressure to reduce time to market, while doing their own deployment and managing their applications.
This fundamentally changes how organizations perceive the responsibility for securing their systems. Decentralized security moves responsibilities and controls away from the center, to the individual areas most vulnerable to attack today.
Decentralized security enables risk management and security enforcement right across the business. It empowers every team, and makes security everyone’s responsibility. It makes security a part of system design, so it can be woven into all aspects of your IT infrastructure — helping safeguard your business.
Making security everyone’s responsibility, and offering teams greater technological freedom, with the understanding that they will secure what they use.
Faster innovation, a more security-aware workforce, less work for central security teams, and reduced risk exposure.
When you put security into users’ hands, there’s a risk they won’t uphold the policies you set — undermining the entire initiative.
Decentralized security is being used to embed security into individual business units, and better protect constantly changing IT networks and services.
What is it?
Information security has traditionally been managed by a single, centralized team of experts. They set the rules, they defined policy, and it was up to them to approve and secure all new technology used by your business.
This team had total control, and all security-related decisions were made by trained experts, which helped to prevent vulnerabilities forming. But, with the rise of cloud, the way business units acquired technology changed — making it harder for a central security team to maintain control over everything.
Decentralized security is better suited to today’s ‘help yourself’ cloud world. Individual teams are empowered to make their own technology decisions. Decentralized security makes it their responsibility to secure the solutions they choose, instead of making a central team desperately fight to keep up with everything being used across the business.
What’s in for you?
Decentralized security makes information security everyone’s responsibility. It can help you build a strong culture of security and data protection right across your organization. That’s useful for preventing damaging data breaches, and can even help you position yourself as a business that takes the security of customer data very seriously.
It also carries significant innovation and agility benefits. When every solution has to be verified and secured by a central team, it takes longer for solutions to go live and it can restrict what teams can use. Decentralized security helps everyone use exactly what they need, when they need it, so you can seize opportunities and innovate faster.
What are the trade offs?
Once you make security everyone’s responsibility, you need everyone to hold up their end of the deal. You need robust policies and training programs in place to ensure that everyone truly is doing all they can to secure your data and IT services.
It’s also a major shift for your core security experts. They have to relinquish a certain amount of control and be ready to spend far more of their time setting and editing security policies — and ensuring they’re being upheld throughout the organization.
How is it being used?
Decentralized security is being applied in organizations of all kinds to share security responsibilities and keep data secure everywhere while maintaining a high level of technological freedom.
It puts security in the hands of the people with the greatest power to influence it. By making the people that handle data and systems responsible for their security, businesses are ensuring that security stretches to everywhere their IT services are used.
Search for another topic
Would you like to suggest a topic to be decoded?
Just leave your email address and we'll be in touch the moment it's ready.