- You are here:
- Home
- /
- HR Download
- /
- Training & Development
- /
- Story
Advertisement
HR Download - Training & Development
How secure is your information? (View Comments)
Sheetal Srivastava
Posted On Tuesday, July 08, 2008 at 06:16:38 PM
Information today is probably the most important asset in any organisation. Additionally, the nature of this asset is such that theft and/or misuse is not easily detected like physical assets.
Business information asset is the collection of a company’s intellectual property, client information, employee intellect and any hardware/software required for information storage and processing. It is thus one of the most critical business assets, and in today’s extensively interconnected business environment, these assets get continually exposed to increased threats like theft, unauthorised access, data alteration, hacking, etc.
“Information security is highly applicable in areas, especially where data is lying in an electronic form and is shared across internal network,” says Mahesh Shah, chief information security officer, Kale Consultants.
It is, therefore, essential for every company to have robust information security systems and processes to avert any intrusive or disruptive attempts internally as well as from public domain.
KPIT Cummins Infosystems, a global IT, Engineering and BPO services firm believes that businesses work on competitiveness and compatibility of the associates, as such complete confidentiality and reliability is an obvious expectation. “For us, information security is building and maintaining trusted relationship between information resources and people, thus not only protecting our intellectual capital, but also protecting confidential client information,” says Mandar Marulkar, chief information security officer and head, business continuity management, KPIT Cummins Infosystems.
So, at what stage are Indian organisations on this mindset? The density of organisations across the risk awareness spectrum is quite even. While on one end of the spectrum are organisations that are totally unaware of the risks, there are others that lay a lot of emphasis on risk management. Says Prakash Seernani, COO, Synlog, “There is a good density of organisations that are well aware of the risks and have their risk management plans in place. However, what is lacking in many cases is the regular validation of these risk management plans, at the desired frequency, keeping in mind the dynamic nature of the business. For e.g. banks today are getting into newer instruments and markets and diverse businesses like portfolio management, insurance, etc.”
“New roles have also been introduced into the corporate fabric, which includes specialists for security policies development, security process execution and management, risk mitigation, regulatory compliances managers and internal information security auditors,” notes Marulkar.
While most companies take different measures to secure their data, there are some who believe that personal freedom of employees should not be curbed to ensure data security. “Employees should have the freedom to use their electronic gadgets or access internet. However, organisations should also evaluate the risk of unauthorised information leakage,” says Marulkar.
However, Mohan Ram, MD, Lattice Bridge Infotech says, “I don’t think personal freedom of employees should be curbed to ensure data security. This can lead to dissatisfaction. We do not restrict our employees from accessing emails or using camera phones, etc. They are even allowed to carry their own USB cables.”
Different organisations adopt different ways and means to secure their information. Synlog, which is in the business of payment solutions, ensure they keep abreast with the notifications issues by RBI from time to time about the various risks that banks face.
“We keep our banks informed, our solutions and services updated to help customers manage risks. The solutions designed for our clients have this as a basis and we try our best to ensure that the information stays as safe and secure as possible. We also ensure that all information communication has an acknowledgement such that the information is sent only to the intended recipient system,” confirms Seernani.
KPIT Cummins Infosystems has built a strong Information Security Management System (ISMS) to protect vital corporate and customer information. “We have built a dedicated team of highly qualified and experienced information security professionals, which actively drives policy implementation and monitors its effectiveness. E-learning modules, classroom sessions, posters, computer screen savers, sessions from external experts etc. are conducted for creating ongoing awareness about company security policies and employees roles in creating vigilant culture in the organisation,” says Marulkar.
“With ISMS, we have managed to balance between controls without compromising security risk and providing necessary flexibility in operations. We do not intend to make the system hack proof, but strive to devise a mechanism that can anticipate potential problems, preempt through proactive measures, ensure recovery and restoration and protect against considerable damage,” he further adds.
Information security is the protection of information assets from a wide range of threats in order to ensure confidentiality, integrity and availability of critical business assets, in turn enhancing customer trust, people safety and business continuity.
Each company has to have such an Information Security infrastructure that ensures high level of confidentiality and business continuity without compromising on valuable data and time.
“Awareness of the problematic nature of information security is approaching an all-time high. Organisations worldwide are realising the importance in securing the information and investing in infrastructure to mitigate the risk arising out of these threats,” concludes Prince Thakur, A.V.P. I.T. GlobalLogic.
| Rate me.... |  Mail this article Print this article |
||||||||||||
|
|||||||||||||
Post Your Comments
Most Searched Tags
Advertisement
Here's your chance to be our 'Student Journalist of the Month', a contest for aspiring students to pool in their ideas and views on burning issues in the Human Resource space. It's simple! Post your article here and you could be the winner.
Topics of the month
- The need for CSR
- Role of EQ in a successful career