- This impressive air purifier was able to clean my musty-grassy basement, and it's on sale
- Nintendo Switch 2 at CES 2025: Everything we know
- The best graphing calculators of 2025
- How to encrypt any email - in Outlook, Gmail, and other popular services
- The Best of CES 2025 awards are in, as selected by ZDNET and the rest of CNET Group
CIO risk-taking 101: Playing it safe isn’t safe
To illustrate, some examples:
Applications portfolio rationalization: The most fundamental guiding principle of technical architecture management is to fill each required service exactly once. If your applications portfolio isn’t rationalized — that is, if it includes multiple, functionally overlapping capabilities — that creates a need for a geometrically expanding collection of synchronizations, along with a bunch of other vulnerabilities.
An unrationalized application portfolio, and for that matter poor rationalization of the other architecture layers, creates, in a word, “risks.”
Rationalizing the applications portfolio reduces the odds of these risks being realized. In risk management terms it “prevents” (aka avoids) them.
Identity management: Modern security architectures include tools for managing identity — for authenticating staff, assigning them to roles, and assigning rights, privileges, and restrictions to those roles, not to the individuals who fulfill them. Manage identity poorly and the wrong people will be in a position to do the wrong things.
Instituting sturdy identity management practices reduces the odds of a variety of risks becoming real — and also reduces the damage should a risk become real in spite of the organization’s preventive measures.
