Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Network and applications groups disconnect makes for bad practices

One ITKnowledge Exchcange member identifies several security-related problems that may be attributed to a lack of communications between network and applications groups.

Many administrators spend their time securing Windows at just the network level or just the applications level -- and never cross the line from one group to the other. Where does your domain lie and how do you keep Windows data secure even if the perimeter is compromised? We asked those questions of our ITKnowledge Exchange members. Here is one of the responses, or return to the main page for the complete list of letters to the editor.

Network and applications groups disconnect makes for bad practices

Michael McCamey
Senior Network Systems Engineer
Hospital company
Plano, Texas

The network and applications are very different, looked at differently and managed by different people.

The disconnect between the groups is not completely separate, but there is no total IT group approach. Changes may be discussed, but they aren't often tested in time.

Our lead manager is more on the network side. He only focuses on securing the perimeter or the network and firewall level. Thanks to HIPAA and SOX requirements, we are just now getting some of the security needed at the server, data and application level.

We are not yet completely compliant as we still have to conduct product research and deploy the products we select. Over a year ago we asked for a log management and reporting tool – yet we still don't have anything.

As for our environment, we are mostly a Windows shop. We do have a few AIX hosts for a specific application and three VMWare ESX servers. The hosts inside the ESX servers are all Windows. I am based at the corporate office, where I support approximately 80 servers and 450 workstations. Currently about half of our facilities manage and maintain their own systems.

Most of our protection is implemented through NTFS, working toward the whole needed services thing with the Microsoft operating system.There is no data protection plan in place and one may not even be on the minds of the management staff. Personally, I would guess it's not on their minds at all.

Will the disconnect between the network and applications groups ever improve? I sure hope so. It is a very bad practice. Projects take longer, it's easier to get frustrated with the user base, etc. Either management or a project person should be assigned to ensure that interested and essential parties are involved in a project. Several times I have worked on projects someone else was working on at the same time, which is a waste of time and effort for both parties. Thanks to poor communications, changes are not made as they should be.

Return to the main page for all letters to the editor regarding network vs. data security -- or e-mail us your own comments.

Dig Deeper on Windows Server troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.