Rule of Change
For any organization to remain dynamic and competitive, it must be able to adapt and change with the world around it. For IT professionals, this means a continual flux of upgrading, enhancing, and replacing the technology. This presents several challenges to information security practices.
The Rule of Change states that change must be managed, coordinated, and considered for possible security implications. Any change within an environment carries with it some form of risk. Installing a new Linux system could introduce a security hole; patching a Windows 2000 server could cause a working application to crash; and, making a ...