Information integrity strikes a chord

This past summer, while the Royal Bank was battling its IT demons, the company ultimately had only one concern — was the information stored on its servers trustworthy? As it turns out, customer account balance snafus notwithstanding, the bank did have faith in its data and the recovery which, though time consuming, was successful.

This concept of information integrity was the focus of a recent Symantec Corp. Webcast.

John Schwartz, chief operating officer, said companies can assume a 10:1 ratio for the cost of a single incident versus the price of protecting the data’s integrity in the first place.

But Victor Keong, a Toronto-based partner in Deloitte’s security services practice, said the idea of data integrity is nothing new, especially for the financial institutions. And though he doesn’t necessarily disagree with the 10:1 ratio, he said some industries just don’t see the need for a high level of IT continuity investment. Keong pointed to manufacturing as a case in point, but was quick to add that the industry is less IT intensive than others.

One organization that is IT intensive is Atos Origin, the group responsible for the 2004 Athens Olympics IT infrastructure. The company was also responsible for Salt Lake City in 2002, and has been contracted to handle IT for the 2006 winter games in Torino, Italy and the summer games in 2008 in Beijing.

Data integrity was critical to the game’s success. said Yan Noblot, Altos Origin’s information security manager. Without it, events come to a halt. For example, no event’s result is final until a printout of the results is signed by the proper authority. So if data has lost its integrity, the results are incomplete, and go unsigned. In essence, everything comes to a stop, he said.

To make sure there were no problem, Noblot said his team in the 135-seat technology operations centre (TOC) ran through scenarios that pushed both the people and the systems to see how they would handle stress. They did extensive penetration testing too, he said. The group was responsible for the IT infrastructure at 36 sporting venues and 26 non-sporting venues, as well as the physical access for 200,000 people to those sites.

Over a 16-day period, Atos Origin’s infrastructure had 4,700,000 filtered events, of which only 22 turned out to be critical alarms.

In order to be successful, the security team had to “understand the traffic flow,” he said.

Additionally, to make management of the systems easier, a standard environment was used to facilitate patching.

The TOC was “the brains” behind the games, Noblot said, but “at the end of the day we still had to have our eyes open.”

John Thompson, the CEO of Symantec who was speaking via satellite from New York, said the big challenge is the battle between the “go, go, go” of the IT/operations people and the “lock it down” mentality of the security folks.

To help solve this, though maybe not the inherent turf wars that can occur between the groups, Symantec is introducing a series of products and services; including the Enterprise Security Manager 6.1, Gateway Security 4.0 and the Live State Recovery family of products.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now