In most organization's in Nigeria today, especially those within the public sector, an increasing amount of funds are being allocated to and spent on physical security. While there may be a valid business need for these investments in physical security, an import question to ask is : " What is being done to secure information?"
Information is increasingly becoming the most important and most valuable asset to any organization. Organization thrives on information and its associated assets acts as an enabler-information technology. As a result of the value of information to organizations, it becomes appropriate that it must be suitably protected and preserved in terms of confidentiality, integrity and availability (CIA). In most cases, protecting information goes beyond the physical. Processes, people and technology are other factors that come to the fore.
There are instances where organizations are re engineering processes and implementing technologies to secure their information while nothing is being done to secure the people (eg: employees, contractors, service providers). People are the custodians and users of any implemented technologies or processes put in place within an organization and therefore, they require a regular dose of TEA (training, education and awareness) on information security.
With regard to processes, a good starting point for any organization is to adopt and implement an information security management system as prescribed by ISO/IEC 27001:2005.
Written by : Nurudeen Odeshina's recent Journal article:
"Resource from SACA Journal, volume 2, 2013.
From this journal is to tell about the securing information system in organizations. The risk of the information is give impact to the business. As for me the information / data is an asset which like other important business assets, has value to an organization and consequently needs to be suitably protected. Protecting information and information systems from unauthorized access, use, disclose, disruption, modification, or destruction. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms.
The important of security is to protects information from a range of threats ensures business continuity minimizes financial loss, optimizes return on investments increases business opportunities. Security breach will leads to reputation loss, financial loss, intellectual property loss, legislative breaches leading to legal actions (Cyber law), loss of customer confidence and business interruption costs.
Let's share your opinion?
my opinion we really need something to protect our data in database because to avoid from outsiders hack our system and need to use password for more secure information.
ReplyDeleteAs for me, securing information data is very important in many sectors like government and private sector. For the example : Many businesses collect “sensitive data” from consumers such as social security numbers, financial records, credit details for sales for business purposes. Theft of this information can put your customer’s financial information at risk and damage the reputation of business. So, in this case the management of the company should taken the action on how securing information at their organizations.
ReplyDelete