Skip to main content

Online information provided for stakeholders' consumption

It must relay the true meaning and real application necessary in the physical world. We have probably all experience how to learn first thing about our plans before we go ahead and act. Like for instance, when we order something online, attend to some responsibilities for our organizations, communicate with people via video, chat and email including but not limited to asking stakeholders, very politely and sincerely, if there's anything else we can do to help further. This online environment must make us work to facilitate and relay exactly what we expect and do in the physical world. What the online information is telling us should be enough to readily make a decision and act accordingly. This is especially true when people have to do it themselves, read relevant information and will go there, say store, or anywhere else, to perform the chores required.  We cannot provide information online, when customers expect them to be a guideline or instruction to do something, that we know

Information security

The ISO/IEC 27000:2009 provides overview and vocabulary for the information security management system, the ISO/IEC 27001:2005. It defines information security as a preservation of confidentiality, integrity and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation and reliability can also be involved.

In order for an information security activities to be successful, one would have to think about the mentioned preceding elements. Considering a top secret information, which the stakeholders cannot allow to be processed through the systems and internetworks without a good mechanisms in place. Doing so otherwise would only put information in peril. It may also be that information could never be trusted completely.

Taking into account all factors and resources have been in proper places. Let us look at the two important mechanisms that may satisfy the above mentioned security elements:

Cryptography and digital certificates would make information with confidentiality, integrity, authenticity and non-repudiation. 

Network structure, private circuit and firewall would make information available and reliable.

The overall efforts, if any, without any of its components being done judiciously and diligently may never be effective to secure information for key stakeholders to believe that those information are authentic and was not altered while on transit or on storage. 

Comments

Popular posts from this blog

[TW] IT documents, audit and leaders

IT documents comes with different names such as the following: - Manual or handbook, - Policies and procedures, - Management systems, - Project plans. In the real world we have various names with unique descriptions and purposes when in fact they could be made to do a uniform direction for which actions are based for the entire IT initiatives, probably the longest in IT lifecycle is operation. The problem is our inclination on something else which is wrong. IT remains an IT area. Business remains a business area. The same problem is carried out when we conduct IT audit. Most audit are missing the gists in which IT is being used by businesses. We once said that an effective IT audit is conducted by IT people themselves but there is something wrong with that even. Business and accounting people have been doing it with a different bias and preconceived notions which doesn't make the cut for IT direction and audit respectively. Leaders play the same game and so the problem continues an

[TW] Customers' trust and domains outside of internet's root

We all consider ourselves customers. Those who own businesses are customers even of their own. When we talk about the utility of technology, we often use customers to refer to our colleagues and some stakeholders that were provided access to our enterprise system. In business, customers are those who acquire and engage our products and services, respectively. Customers' trust is achieved and retained when we meet the expectations of our colleagues, stakeholders and the buyer of our products, services and ideas. Not only that we have assured them of those expectations in the contract or terms and conditions including some form of agreement but we attend to them sincerely when they need help. Giving them almost everything they need to form a decision. The experience must not be shallow and pretentious or they would notice whatever motive there is in between. Customers' trust is build not by the customers alone, just because we kept their experience up to their standards or we str