However, IT's customers rarely have the same view on protection and security. They just want reliable IT systems that are ready whenever they need them. Even if they appreciate the need for security measures, they dont want to have to remember a stack of passwords or worry about running complex backup procedures. They may also be unaware of security risks, such as the vulnerability introduced by writing down passwords, losing their laptop or cell phone, or opening the door to malware by clicking on links in emails from unknown senders.
At the same time, as customers become more tech-savvy, they are clamoring for access to the latest technologies that can enhance collaboration, mobility and productivity. If these tools are to be introduced and endorsed by the business, you must find a way of integrating them with existing systems and applications so that their benefits can be exploited―without compromising security or the enterprise's assets.
Protecting the Enterprise
So, how can a CIO protect the enterprise? First, define a set of assets that receive a prioritized level of protection. In practice, this means, for example, protecting or duplicating the hardware that supports the ERP system will take precedence over ensuring the availability of individual PCs. Treat linkages between and information about customers, suppliers and partners as critical, and implement and embed strict controls into your operations to provide demonstrable protection and peace of mind for these entities.
If mobile and remote workers are allowed to use mobile devices such as laptops or PDAs to access corporate resources or work remotely, they will almost inevitably end up storing confidential and other corporate information on those devices. What happens to the information on the laptop or PDA if they lose it, or if it gets damaged or stolen? Not only does the information need to be duplicated elsewhere, so the worker can access it again at short notice, it must also be protected from unauthorized access should the original device fall into the wrong hands.
In addition to offering Internet-based backup and restore services that are ideally suited to mobile working, a managed data-encryption service can also prevent information from being accessed on lost or stolen equipment. Once the user has authenticated with the service, encryption runs transparently as a background process, automatically protecting valuable data without requiring the user to take additional steps.
For all employees, whatever their role, reliable, always-available IT is vital to carrying out their jobs. If theres a problem, whether its their own PC that fails, a corporate application that goes down, or an email server that crashes, the end-result is the samethey cant get on with their job, and to them, IT has let them down.