Redefining security

November 2007 Access Control & Identity Management

The difference between just delivering security and ensuring secure business operations.

The 'current state' enterprise is unprepared for the security ramifications of global changes and must redefine its security posture via a business-centric, holistic risk management approach that spans people, goods and assets as well as information systems. Redefining security in this manner will provide the future foundation by which to manage risk and develop new ways to conduct business.

Today's security challenges for the typical government and corporate enterprise include external environmental factors, internal factors such as achieving the right balance between agility and assurance, and dynamic factors in terms of maintaining the correct level of preparedness to match ever-changing threat conditions.

Governments and businesses are challenged to operate efficiently and effectively in harsh environments while trying to maintain a balance between 'assured' and 'agile' commerce. With threats to business continuity, the need for disaster preparedness and the need for strong risk mitigation and management, it is critical that organisations redefine their security posture if they hope to survive and continue to grow. Given the many challenges within today's enterprises and the current state of enterprise security, it is essential for businesses to adopt and follow principles that will lead to secure business operations.

* Security must be holistic. Enterprise security should no longer be defined as simply IT security plus guards, guns and gates. It must be considered holistically across the entire enterprise, from the business and its goals, identifying people to tracking and tracing goods and assets, to securing IT systems.

Creative strategies and operational plans for prevention, detection and reaction. The need is as fundamental as the presence or absence of an immune system for the human body. Intranet and extranet (Internet) connectivity is almost a business imperative and you simply cannot survive that environment without the appropriate safeguards. It is a question of when the typical enterprise will be confronted with a disruptive event. Organisations must not just plan for prevention but also for detection and reaction to minimise adverse events and maintain business continuity.

* Visibility is critical. Visibility into enterprise processes can enable both 'assured' and 'agile' commerce. An enterprise cannot secure what it cannot see or what it does not know.

* Enhanced public/private collaboration. To protect against rising threat levels, greater public/private collaboration and greater internal collaboration are necessary.

* Take a proactive stance and look beyond compliance for competitive advantage. Compliance requirements are viewed as a cost of doing business, and organisations consequently adopt a minimal approach. Initiatives to support compliance should also be evaluated for opportunities to leverage the investment for innovation and growth. A governance profile of secure business operations is an attractive attribute for customers, suppliers and investors. As a matter of course a proactive approach that is part and parcel of business operations will surface and identify security and privacy concerns before they become 'disruptive events'. In addition investment in compliance can often be leveraged for improved business process insight and operational efficiency. Simply good governance.

Enterprises today need an holistic approach to security - one that is part of everyday business operations and combines management and process expertise based on industry standards with technological skill and business centric operational excellence. An approach that views security policies, procedures, and technology as more than just a way to protect against the occurrence of unwanted events, but also as a means of reducing organisational costs, improving operations and enabling new business opportunities.

Unisys Africa calls this approach 'secure business operations'. Based on the seemingly simple premise that you cannot secure what you cannot see. Yet it requires an in depth understanding of the many facets of security, the business and the industry in which an organisation operates, and the methodologies and tools that can provide the insight needed to make the right security investment decisions.

Whether a business is protecting physical and IT infrastructures; addressing concerns about privacy and identity theft; controlling access to government benefits, physical or logical resources; participating in e-business initiatives; complying with governmental regulations; tracking goods and assets; securing your supply chain - or all of the above - companies need insight and awareness to effectively manage their business and security risks.

This is the crucial difference between delivering security and ensuring secure business operations. The ability to visualise the different elements of your environment, understand the causal relationships and take the appropriate steps to maximise your security investments.

In both public and private sector, organisations around the globe need to focus their attention on operational efficiency and planned profitable growth - rather than constantly worrying about the continuity, integrity, and security of their operations. They need the knowledge and peace of mind gained from secure business operations that enables them to focus on their core activities. After all, how can a business secure what it cannot see? Or expand without worrying about the security implications?

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

HID addresses identification challenges at ID4Africa
August 2019 , News, Access Control & Identity Management, Government and Parastatal (Industry)
Being able to verify people’s identities is critical for a nation’s growth and prosperity and yet HID says nearly half of all African citizens can’t prove who they are to vote, travel freely and receive government benefits and services.

Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.

The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.