| For every organization information is the most vital | | | | Retail, Automotive, Chemical, Energy/oil and gases, |
| part. Now a day the most challenging job for every | | | | Transportation, Wholesale low in Agriculture, |
| organization is Information Security. When we say | | | | Construction & Real Estate, Food, Beverages, |
| Information Security it means Information Security in | | | | Industrial Equipment. |
| Internet. | | | | Although there is no guarantee that any organization |
| Now a day's productivity improvements and | | | | won't get hit, but there are some key components on |
| competitiveness are being driven by the networked | | | | which Information Security manager has to take care |
| enterprise organizations connecting up, communicating | | | | of (Role)- |
| and doing business in real time with customers, | | | | 1) Identifying the risk. Determining Company's most |
| partners and suppliers wherever they are located. But | | | | critical information, assets and spending his time and |
| at the same time, today's business environment is also | | | | energy protecting what's most important. |
| characterized by risk and uncertainty. Customers, | | | | 2) Getting the CEO involved. Good security has to |
| shareholders and partners are understandably placing | | | | start from the top, with executives who help create a |
| a premium on businesses that are secure and | | | | corporate culture that values security. |
| protected. Every organization has to cope up with daily | | | | 3) Putting some in charge. Security is a complex job, |
| threats such as virus attacks, basic human errors and | | | | so make sure some one is in charge of coordinating |
| security policy enforcement. Security should be | | | | security efforts. |
| designed to minimize and control the impact of human | | | | 4) Developing and implementing a security policy. |
| errors, harness the power of leading products and | | | | Establishing guidelines for how the company handles |
| technologies but must also be carefully crafted, | | | | and protect data. |
| integrated and underpinned by rigorous procedures. | | | | 5) Educating employees and raising awareness among |
| An effective corporate security strategy will be judged | | | | them. |
| on well it protects the value generating assets of one's | | | | 6) Having a security audit done. Hire an independent |
| organization. Including people, information, processes, | | | | third party to evaluate the security position and then |
| technology, systems, networks and buildings | | | | apply the recommendations made by auditor. |
| enterprises need to accept wide policies and process: | | | | 7) Incorporating physical security in to the plan. The |
| 1) Strategic risk and vulnerability assessment across | | | | best security technology in the world won't do any |
| the enterprise. | | | | good if a well meaning employee allow the wrong |
| 2) Deployment of resilient IT and network | | | | person in to the server room. |
| infrastructure. | | | | 8) Remembering internal threats. Most attempted |
| 3) Contingency and recovery plans to minimize the | | | | hacks come from the outside, but most successful |
| impact of disruption | | | | ones start with people who have inside knowledge. |
| 4) Regular training, rehearsal and audit. | | | | 9) Deleting the user account when employees quit or |
| If one gets these elements right it will go well on the | | | | are let go. |
| way to reaping the benefits of running a secure and | | | | 10) Continuously updating and keep tracking of new |
| protested business. Deploying the right technical | | | | developments in information security including new |
| solutions is vital, but far from sufficient. In this area | | | | vulnerabilities and attacks. |
| there is a great demand of skilled people to help in the | | | | 11) Prepare for the worst creating an incident response |
| event of a crisis along with having the right policies and | | | | plan to help you save time in the event of the security |
| processes. This is the only way to ensure that risk is | | | | problem. |
| being properly managed. | | | | In working with both the private and public sectors, |
| For many work to be done, challenges are must. And | | | | Unisys has created and deployed a Secure |
| when we talk of security obviously challenges and | | | | Commerce Blueprint across six different countries - |
| threats are there. A threat to security major hampers | | | | Pakistan, Shrilanka, China, Hong Kong, U.S. , Brazil and |
| organization from financial, social as well as from | | | | Taiwan. The new Blueprint does more than just |
| technical aspects. Whereas challenges are- | | | | increase security. By integrating global supply chain |
| 1) Implementing security | | | | networks , this blueprint offers greater real-time visibility |
| 2) Maintain it | | | | and the ability to adopt and respond to all events, from |
| 3) Take decision according to the organization situation | | | | a port strike or terrorist threat to a sudden market |
| The most common challenges in implementing | | | | opportunity. |
| information security are | | | | Information security professionals has to take care of - |
| Speed of change and increasing sophistication of | | | | Secure access to the workstation. |
| threats, Employee awareness, Internal availability of | | | | Secure access to the server |
| specialist skills, Budget, Availability of tools, security | | | | Single sign on- a) Activating the electronic signature, b) |
| solution, Unclear roles and responsibilities (IT and | | | | Activating data encryption |
| Business ) , Senior business management support, | | | | Today many organization demands an advance level |
| Lack of information management strategy, Senior IT | | | | of security for the new business process they are |
| management support | | | | introducing to the workplace. There is need of new |
| As it is understood that information security threats | | | | advance identification & authentication procedures |
| involves viruses and unauthorized access to | | | | to offer a high level of security appropriate for |
| information or hacking are not the only one. In addition | | | | business processes and at the same time guarantees |
| to this government and private intelligent community | | | | highest user comfort, massive cost savings and |
| and the policies of information security that give major | | | | security investment. |
| threat to information security. | | | | The challenging world of Information security is open |
| Degree of risk is high in Aerospace & Defense, | | | | for the person who is ready to update their knowledge |
| Electronics, Financial Services, Health Care, Information | | | | every moment. |
| Services medium in Pharmaceutical, | | | | |