* It's important to make your objectives clear Management by objectives, or MBO, centers on the need and value of defining measurable objectives for a group. The theory is that unless we can measure performance and progress, our impressions of compliance with our goals will be too fuzzy and uncertain to motivate staff and to provide value to upper managers for strategic planning.An important tool for MBO in the operations field is the service-level agreement (SLA). This agreement serves as a contract that defines acceptable service. For example, one can define the maximum acceptable rate of downtime for a network or the maximum acceptable response time for an application program. Knowing the limits is crucial for effective quality control; as staff see spikes or trends approaching the control limits, they can investigate the causes of irregular results or take action to correct appropriate factors before there’s a serious problem.Without stated limits, people may wait until there’s a disaster. When people rush around without a plan as they react to an emergency, everything is more expensive and more prone to error.Applying MBO to security, I’d say it’s not enough to use general terms like “be secure” or “protect information resources.” I think that we should be using objectives such as “In the next three months, we will successfully prevent all unauthorized changes to our public Web server.” We could use the concepts of SLAs to set a goal of ensuring a minimum available bandwidth for the network even in cases of denial-of-service attacks. Perhaps a good measurable objective might be “Find no more than 10% of all workstations logged on to the network after 8 p.m. every night.” How about, “Identify no more than 10% of all passwords by running crack programs on the password file?” Or “Limit porn-surfing on corporate machines to a maximum of 20% of total bandwidth during working hours?” If you do penetration tests, then it should be possible to define reasonable measurable objectives and then test those using the pen-tests.Thinking in behavioral and measurable terms sharpens our ability to identify trouble spots and weak points in our security measures. Here’s a jingle you can set to music like the Burma Shave ads of the 1950s: “Sharpen up and apply MBO to IA today!” Related content how-to Doing tricks on the Linux command line Linux tricks can make even the more complicated Linux commands easier, more fun and more rewarding. By Sandra Henry-Stocker Dec 08, 2023 5 mins Linux news TSMC bets on AI chips for revival of growth in semiconductor demand Executives at the chip manufacturer are still optimistic about the revenue potential of AI, as Nvidia and its partners say new GPUs have a lead time of up to 52 weeks. By Sam Reynolds Dec 08, 2023 3 mins CPUs and Processors Technology Industry news End of road for VMware’s end-user computing and security units: Broadcom Broadcom is refocusing VMWare on creating private and hybrid cloud environments for large enterprises and divesting its non-core assets. By Sam Reynolds Dec 08, 2023 3 mins Mergers and Acquisitions news analysis IBM cloud service aims to deliver secure, multicloud connectivity IBM Hybrid Cloud Mesh is a multicloud networking service that includes IT discovery, security, monitoring and traffic-engineering capabilities. By Michael Cooney Dec 07, 2023 3 mins Network Security Network Security Network Security Podcasts Videos Resources Events NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe