Un-integrated security can be dangerous

Perhaps the only thing that enterprises find more threatening than security vulnerabilities are the potential penalties for falling out of compliance. There is a consensus emerging that these two corporate pitfalls should not be viewed in a vacuum and that companies should integrate encryption, access control, and auditing functions.  According to Wikibon, a newly formed community of experts that offers free research and advisory services on storage issues, companies need to integrate compliance requirements with life cycle management. David Floyer, a former IDC analyst and one of the founders of Wikibon believes that encryption is one way to secure data when it comes to storage, but that's only part of the solution. It's not feasible to encrypt all of the data in a data center, since the volumes of data are typically too large and there are too many servers accessing data, among other factors. It does, however, make sense to encrypt data where there's a regulatory requirement, such as personal records. Encryption also makes sense when transporting data over a network or physically by tape.   

For more on the intersection between security and compliance:
- see this InformationWeek article