{"id":1198,"date":"2012-04-20T12:46:51","date_gmt":"2012-04-20T12:46:51","guid":{"rendered":"http:\/\/www.journeytothecloud.com\/?p=1753"},"modified":"2012-04-20T12:46:51","modified_gmt":"2012-04-20T12:46:51","slug":"avoid-the-security-umpire-problem","status":"publish","type":"post","link":"https:\/\/icloud.pe\/blog\/avoid-the-security-umpire-problem\/","title":{"rendered":"Avoid the Security Umpire Problem"},"content":{"rendered":"<p>Have you ever been part of a team or committee working on an initiative and found that the security or compliance person seemed to be holding up your project? They just seemed to find fault with anything and everything and just didn&#8217;t add much value to the initiative? If you are stuck with security staff that are like this all the time, that&#8217;s a bigger issue that&#8217;s not within the scope of this article to solve.\u00a0 But, most of the time, it&#8217;s because this person was brought in very late in the project and a bunch of things have just been thrown at them, forcing them to make quick calls or decisions. <\/p>\n<p>A common scenario is that people feel that there is no need to involve the security folks until after the team has come up with a solution.\u00a0 Then the team pulls in the security or compliance folks to validate that the solution doesn&#8217;t go afoul of the organization\u2019s security or compliance standards. Instead of a team member who can help with the security and compliance aspects of your project, you have ended up with an umpire.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-medium wp-image-1760\" src=\"https:\/\/icloud.pe\/blog\/wp-content\/uploads\/2012\/04\/avoid-the-security-umpire-problem.jpg\" alt=\"\" width=\"167\" height=\"182\" \/>Now think back to when you were a kid picking teams to play baseball.\u00a0 If you had an odd number of kids then more than likely there would be one person left who would end up being the umpire. When you bring in the security or compliance team member late in the game, you may end up with someone that takes on the role of calling balls and strikes instead of being a contributing member of the team.<\/p>\n<p>Avoid this situation by involving your Security and Compliance staff early on, when the team is being assembled.\u00a0 Your security SMEs should be part of these conversations.\u00a0 They should know the business and what the business requirements are.\u00a0 They should be involved in the development of solutions.\u00a0 They should know how to work within a team through the whole project lifecycle. Working this way ensures that the security SME has full context and is a respected member of the team, not a security umpire.<\/p>\n<p>This is even more important when the initiative is related to virtualization or cloud. There are so many new things happening in this specific area that everyone on the team needs as much context, background, and lead time as possible so that they can work as a team to come up with solutions that make sense for the business.<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=yIl2AUoC8zA\" border=\"0\"><\/img> <img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=OZsCTb3DA6M:9t-OX_PkkC4:-BTjWOF_DHI\" border=\"0\"><\/img> <img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?i=OZsCTb3DA6M:9t-OX_PkkC4:V_sGLiPBpWU\" border=\"0\"><\/img> <img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/JourneyToTheCloud?d=qj6IDK7rITs\" border=\"0\"><\/img><br \/>\n<img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/JourneyToTheCloud\/~4\/OZsCTb3DA6M\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Have you ever been part of a team or committee working on an initiative and found that the security or compliance person seemed to be holding up your project? They just seemed to find fault with anything and everything and just didn&#8217;t add much value to the initiative? If you are stuck with security staff&#8230;<a href=\"http:\/\/www.journeytothecloud.com\/cloud-computing\/avoid-the-umpire-security-problem\/\">Read More &#187;<\/a><\/p>\n","protected":false},"author":16,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[104,177,178],"tags":[18,118],"class_list":["post-1198","post","type-post","status-publish","format-standard","hentry","category-cloud-computing","category-compliance","category-risk-management","tag-cloud","tag-security"],"_links":{"self":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/1198","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/comments?post=1198"}],"version-history":[{"count":0,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/posts\/1198\/revisions"}],"wp:attachment":[{"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/media?parent=1198"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/categories?post=1198"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/icloud.pe\/blog\/wp-json\/wp\/v2\/tags?post=1198"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}