Stories by Mathias Thurman

  • Security manager's journal: Heading for the clouds

    What makes a good information security professional? I think it's starting at the bottom and working your way up, occupying various positions along the way and obtaining skills in every one of them. It's understanding the business and having the ability to influence others. It's having a breadth of knowledge in various business sectors.

  • Security Manager's Journal: Without patch management, you are nothing.

    Does it all come down to patch management? As a security manager, I pursue many initiatives, striving to protect the company on many fronts. But patch management is a key metric of our risk exposure, since there is a direct correlation between security incidents and patch compliance. So, in a way, it does all come down to something as basic as patch management, because if we fail there, we can't be secure.

  • Better security for not quite everyone

    It's scary to think how much sensitive or even valuable information can be gleaned from an untended PC, even one whose user just walked away for a few minutes. That's the sort of thing that security managers fret about but the rest of the world hardly notices.

  • Security Manager Journal: Woes hang up mobile policy

    Over the past seven months, I have led a team of IT representatives in making sure that all mobile devices are aligned with our new security policy. I thought this was going to be straightforward -- a few mouse clicks to check off some boxes, and our policy would be in effect on our entire inventory of mobile devices.

  • Deciphering laptop encryption

    During the past two weeks, I started up a disk encryption project, one of the technology initiatives under my company's intellectual asset protection program.

  • Protecting the crown jewels

    You would probably imagine that a company that writes and sells software would make the protection of that software paramount. That's why it's hard to believe that my company has implemented no comprehensive efforts to prevent its bread-and-butter software falling into the wrong hands.