Business Issues -> Security & Risk
Released: 15th July 2013
Publisher: Newshound Communications
London, UK – 15 July, 2013 – Auriga Consulting Ltd (Auriga), the expert data, ICT and security consultancy, today cautioned that organisations transitioning to new environments could potentially expose core business processes and data to unnecessary risk. Business transformation has been a top priority in the boardroom over the course of the last year as organisations seek to harness the advantages of cloud or mobility deployments but the business case can often overshadow the potential threats brought about by change. Business transformation differs from other change management projects in that it straddles the corporate/IT divide. Transformation therefore needs to embrace strategic and technical best practice, from assigning responsibility and ensuring stakeholder buy-in to mapping business processes and protecting data and data integrity, confidentiality and availability.
Business transformation involves making radical alterations to the way a business functions in order to embrace and utilise changes in market conditions. Transformation may be motivated by numerous factors, from reducing costs to maximising efficiency and these factors often dictate the pace of change. But in addition to the business case and feasibility, it is also vital that the organisation examine business impact from a corporate and IT perspective and acknowledge the risks posed by the transition. Top threats such as data loss, data breaches, account hijacking, insecure API’s, denial of service and malicious insiders can use the greater attack surface created by transformation to target and exploit the organisation.
A larger threat landscape with limited control over the infrastructure can seem a daunting prospect but aligning organisational requirements and security controls, and taking a business centric approach can help mitigate risk. Before any organisation can consider a cloud or mobile solution it must first understand its current operating model and data landscape. An organisation deploying a Cloud SaaS solution to host business critical data, for example, must take into account the compatibility with existing technologies, governance requirements, geographical locations, mobile platforms and capabilities. Taking these multiple entities as a unified system will allow better understanding of the risks and application of security controls that span the organisation and beyond.
The following seven steps can ensure a strategic and technical transformation that delivers business advantage while mitigating risk:
“Business transformation is a radical undertaking which can make or break the business. Methodical planning is required to explore the impact on the organisation, contextual risks, and how best to secure stakeholder buy-in to determine whether a phased, big bang or pilot implementation is appropriate. Post-implementation, the organisation can still be at risk while the new systems and processes bed down, making monitoring processes that measure performance essential to success,” said Louise T. Dunne, Managing Director, Auriga. “Business assets are exposed and vulnerable during the transition period so transformation should never be treated as just another change management project. By observing the above procedures and approaching the transition methodically, it is possible to achieve transformation with strategic and technical merit while avoiding compromise.”
Auriga Consulting Ltd (Auriga) is an expert consultancy specialising in Data Management, Information Assurance, Corporate Governance, Business Process Modelling, Analysis, ICT and Security. We advocate data as the most valuable part of your business and combine superior security and assurance knowledge with a wealth of business management consultancy and efficiency skills. Using a unique set of methodologies we embed security by overlaying it onto business process and analysing data.
Auriga reported a turnover of more than £1million in its first full year of trading, cementing its reputation as one of the most dynamic and versatile solutions providers in the marketplace today. We have worked on some of the most demanding projects in the UK for customers from the public and private sectors, advising upon the architectures and business processes adopted for the G-Cloud project, NHS and social services databases, and leading the BSi’s largest audited UK organisation successfully through ISO 27001. To find out more, please go to www.aurigaconsulting.com or follow us on Twitter @AurigaConsult.
Tel: 01420 587978
Published by: IT Analysis Communications Ltd.
T: +44 (0)190 888 0760 | F: +44 (0)190 888 0761