Redefining security

Access & Identity Management Handbook 2007 Access Control & Identity Management

The difference between just delivering security and ensuring secure business operations.

The 'current state' enterprise is unprepared for the security ramifications of global changes and must redefine its security posture via a business-centric, holistic risk management approach that spans people, goods and assets as well as information systems. Redefining security in this manner will provide the future foundation by which to manage risk and develop new ways to conduct business.

Today's security challenges for the typical government and corporate enterprise include external environmental factors, internal factors such as achieving the right balance between agility and assurance, and dynamic factors in terms of maintaining the correct level of preparedness to match ever-changing threat conditions.

Governments and businesses are challenged to operate efficiently and effectively in harsh environments while trying to maintain a balance between 'assured' and 'agile' commerce. With threats to business continuity, the need for disaster preparedness and the need for strong risk mitigation and management, it is critical that organisations redefine their security posture if they hope to survive and continue to grow. Given the many challenges within today's enterprises and the current state of enterprise security, it is essential for businesses to adopt and follow principles that will lead to secure business operations.

* Security must be holistic. Enterprise security should no longer be defined as simply IT security plus guards, guns and gates. It must be considered holistically across the entire enterprise, from the business and its goals, identifying people to tracking and tracing goods and assets, to securing IT systems.

Creative strategies and operational plans for prevention, detection and reaction. The need is as fundamental as the presence or absence of an immune system for the human body. Intranet and extranet (Internet) connectivity is almost a business imperative and you simply cannot survive that environment without the appropriate safeguards. It is a question of when the typical enterprise will be confronted with a disruptive event. Organisations must not just plan for prevention but also for detection and reaction to minimise adverse events and maintain business continuity.

* Visibility is critical. Visibility into enterprise processes can enable both 'assured' and 'agile' commerce. An enterprise cannot secure what it cannot see or what it does not know.

* Enhanced public/private collaboration. To protect against rising threat levels, greater public/private collaboration and greater internal collaboration are necessary.

* Take a proactive stance and look beyond compliance for competitive advantage. Compliance requirements are viewed as a cost of doing business, and organisations consequently adopt a minimal approach. Initiatives to support compliance should also be evaluated for opportunities to leverage the investment for innovation and growth. A governance profile of secure business operations is an attractive attribute for customers, suppliers and investors. As a matter of course a proactive approach that is part and parcel of business operations will surface and identify security and privacy concerns before they become 'disruptive events'. In addition investment in compliance can often be leveraged for improved business process insight and operational efficiency. Simply good governance.

Enterprises today need an holistic approach to security - one that is part of everyday business operations and combines management and process expertise based on industry standards with technological skill and business centric operational excellence. An approach that views security policies, procedures, and technology as more than just a way to protect against the occurrence of unwanted events, but also as a means of reducing organisational costs, improving operations and enabling new business opportunities.

Unisys Africa calls this approach 'secure business operations'. Based on the seemingly simple premise that you cannot secure what you cannot see. Yet it requires an in depth understanding of the many facets of security, the business and the industry in which an organisation operates, and the methodologies and tools that can provide the insight needed to make the right security investment decisions.

Whether a business is protecting physical and IT infrastructures; addressing concerns about privacy and identity theft; controlling access to government benefits, physical or logical resources; participating in e-business initiatives; complying with governmental regulations; tracking goods and assets; securing your supply chain - or all of the above - companies need insight and awareness to effectively manage their business and security risks.

This is the crucial difference between delivering security and ensuring secure business operations. The ability to visualise the different elements of your environment, understand the causal relationships and take the appropriate steps to maximise your security investments.

In both public and private sector, organisations around the globe need to focus their attention on operational efficiency and planned profitable growth - rather than constantly worrying about the continuity, integrity, and security of their operations. They need the knowledge and peace of mind gained from secure business operations that enables them to focus on their core activities. After all, how can a business secure what it cannot see? Or expand without worrying about the security implications?

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Simple steps to protect yourself against identity theft
November 2019 , Access Control & Identity Management
Are you doing enough to reduce the risk of having your identity stolen?

Looking ahead with mobile access technologies
Access & Identity Management Handbook 2020, Technews Publishing, HID Global, dormakaba South Africa, Salto Systems Africa, Suprema, Gallagher , Access Control & Identity Management, Integrated Solutions
Given the broad use of smartphones around the world and the numerous technologies packed into these devices, it was only a matter of time before the access control industry developed technology that would ...

Mobile access is more secure than card systems
Access & Identity Management Handbook 2020 , Access Control & Identity Management
The ability to use mobile phones as access credentials is one of the biggest trends in a market that historically has been slow in adopting new technology.

This is the future. This is what we do.
Access & Identity Management Handbook 2020, ZKTeco , Access Control & Identity Management
ZKTeco has created a unique range of visible light facial recognition products combined with a flexible Android platform.

The security of biometrics
Access & Identity Management Handbook 2020, ViRDI Distribution SA, IDEMIA , Technews Publishing, Suprema , Access Control & Identity Management
Hi-Tech Security Solutions asks whether your personal biometric data is safe from prying eyes.

A picture spoofs a thousand cameras
Access & Identity Management Handbook 2020, NEC XON, Hikvision South Africa, Technews Publishing , Access Control & Identity Management
Hi-Tech Security Solutions looks into the reliability and effectiveness of facial biometrics as well as the concerns about privacy.

IoT and behavioural authentication
Access & Identity Management Handbook 2020, CA Southern Africa , Access Control & Identity Management
IoT represents an increasing security risk to individuals in the form of pervasive, always-on monitoring of your personal activity with a potential compromise of your most personal security credentials.

Border crossing and national identification
Access & Identity Management Handbook 2020 , Access Control & Identity Management
Amidst a choice of technologies, diversity of policy frameworks, and emergent priorities, countries that intend to upgrade their identification systems today find themselves drawn into a complex vortex.

T&A by biometrics in the cloud
Access & Identity Management Handbook 2020 , Access Control & Identity Management
Time and attendance solutions have evolved from punch cards to cost-effective and more accurate cloud-based biometric systems.

Scalable access solution
Access & Identity Management Handbook 2020 , Access Control & Identity Management, Integrated Solutions
Bosch Building Technologies makes access management simple, scalable and always available with Access Management System 2.0.