Redefining security

November 2007 Access Control & Identity Management

The difference between just delivering security and ensuring secure business operations.

The 'current state' enterprise is unprepared for the security ramifications of global changes and must redefine its security posture via a business-centric, holistic risk management approach that spans people, goods and assets as well as information systems. Redefining security in this manner will provide the future foundation by which to manage risk and develop new ways to conduct business.

Today's security challenges for the typical government and corporate enterprise include external environmental factors, internal factors such as achieving the right balance between agility and assurance, and dynamic factors in terms of maintaining the correct level of preparedness to match ever-changing threat conditions.

Governments and businesses are challenged to operate efficiently and effectively in harsh environments while trying to maintain a balance between 'assured' and 'agile' commerce. With threats to business continuity, the need for disaster preparedness and the need for strong risk mitigation and management, it is critical that organisations redefine their security posture if they hope to survive and continue to grow. Given the many challenges within today's enterprises and the current state of enterprise security, it is essential for businesses to adopt and follow principles that will lead to secure business operations.

* Security must be holistic. Enterprise security should no longer be defined as simply IT security plus guards, guns and gates. It must be considered holistically across the entire enterprise, from the business and its goals, identifying people to tracking and tracing goods and assets, to securing IT systems.

Creative strategies and operational plans for prevention, detection and reaction. The need is as fundamental as the presence or absence of an immune system for the human body. Intranet and extranet (Internet) connectivity is almost a business imperative and you simply cannot survive that environment without the appropriate safeguards. It is a question of when the typical enterprise will be confronted with a disruptive event. Organisations must not just plan for prevention but also for detection and reaction to minimise adverse events and maintain business continuity.

* Visibility is critical. Visibility into enterprise processes can enable both 'assured' and 'agile' commerce. An enterprise cannot secure what it cannot see or what it does not know.

* Enhanced public/private collaboration. To protect against rising threat levels, greater public/private collaboration and greater internal collaboration are necessary.

* Take a proactive stance and look beyond compliance for competitive advantage. Compliance requirements are viewed as a cost of doing business, and organisations consequently adopt a minimal approach. Initiatives to support compliance should also be evaluated for opportunities to leverage the investment for innovation and growth. A governance profile of secure business operations is an attractive attribute for customers, suppliers and investors. As a matter of course a proactive approach that is part and parcel of business operations will surface and identify security and privacy concerns before they become 'disruptive events'. In addition investment in compliance can often be leveraged for improved business process insight and operational efficiency. Simply good governance.

Enterprises today need an holistic approach to security - one that is part of everyday business operations and combines management and process expertise based on industry standards with technological skill and business centric operational excellence. An approach that views security policies, procedures, and technology as more than just a way to protect against the occurrence of unwanted events, but also as a means of reducing organisational costs, improving operations and enabling new business opportunities.

Unisys Africa calls this approach 'secure business operations'. Based on the seemingly simple premise that you cannot secure what you cannot see. Yet it requires an in depth understanding of the many facets of security, the business and the industry in which an organisation operates, and the methodologies and tools that can provide the insight needed to make the right security investment decisions.

Whether a business is protecting physical and IT infrastructures; addressing concerns about privacy and identity theft; controlling access to government benefits, physical or logical resources; participating in e-business initiatives; complying with governmental regulations; tracking goods and assets; securing your supply chain - or all of the above - companies need insight and awareness to effectively manage their business and security risks.

This is the crucial difference between delivering security and ensuring secure business operations. The ability to visualise the different elements of your environment, understand the causal relationships and take the appropriate steps to maximise your security investments.

In both public and private sector, organisations around the globe need to focus their attention on operational efficiency and planned profitable growth - rather than constantly worrying about the continuity, integrity, and security of their operations. They need the knowledge and peace of mind gained from secure business operations that enables them to focus on their core activities. After all, how can a business secure what it cannot see? Or expand without worrying about the security implications?





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Enhanced biometric technology for mines
September 2019, ZKTeco , Mining (Industry), Access Control & Identity Management
Biometric identification and authentication are currently used at various mines in South Africa and in the SADC region.

Read more...
Improving access in mines
October 2019, Astra Fasteners , Mining (Industry), Access Control & Identity Management, Products
The VP1 controller provides full access control and remote monitoring of intelligent locks without having to wire into a network or install, manage and maintain software.

Read more...
Invixium and Pyro-Tech partner in South Africa
October 2019 , News, Access Control & Identity Management
Invixium, a manufacturer of IP-based biometric solutions and Pyro-Tech Security Suppliers have announced a new distribution partnership.

Read more...
Suprema receives FBI PIV/FAP30 certification
October 2019, Suprema , News, Access Control & Identity Management
Suprema has announced that the company's BioMini Slim 3 has received FBI PIV (Personal Identity Verification) and Mobile ID FAP30 certification.

Read more...
Frictionless access with a wave
October 2019, IDEMIA , Access Control & Identity Management, Residential Estate (Industry)
IDEMIA was the Platinum Sponsor for the Residential Estate Security Conference 2019 and set up its MorphoWave Compact frictionless fingerprint biometric scanner at the entrance to the conference.

Read more...
Streamlined access and reporting
October 2019, Comb Communications , Access Control & Identity Management, Residential Estate (Industry)
The main focus of the Comb stand was its practical demonstration of the MK II Lite intercom system with third-party integrated products.

Read more...
Customised and integrated solutions
October 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
iVisit offers both high-end and low-end residential complexes a cost-effective visitor management solution that is fully integrated into Suprema's offerings.

Read more...
Access solutions for every estate
October 2019, Impro Technologies , Access Control & Identity Management, Residential Estate (Industry)
Impro's flagship Access Portal solution comprises one of the most user-friendly software solutions on the market.

Read more...
Managing staff effectively
September 2019, dormakaba South Africa, iPulse Systems , Integrated Solutions, Access Control & Identity Management
Workforce management solutions allow organisations to track the relationship between productivity and the cost of employment, incorporating issues such as health and safety, T&A, rostering and more.

Read more...
Hennie Lategan joins Centurion as head of exports
September 2019, Centurion Systems , News, Access Control & Identity Management
Centurion Systems has announced the appointment of Hennie Lategan as the head of the company’s exports department.

Read more...