Skip to main content

Enterprise technology's juxtaposition, complementarity and application

The ability to see within an enterprise with operations requiring various technologies in information, communication, operational, security and compliance, or two or more of these, finds stakeholders, or the need to adjust techniques and make, some ingenious ways to be more effective in their responsibilities and deliverables or production. Enterprise technology is not an area and language to be used where there are only some specializations involved but which still within the confines of information technology. IT may have been serving utility operations or energy generation for sometime already and yet stakeholders cannot see how to work hand-in-hand to increase their own efficiency, and the output for which customers are very dependent. There are efforts but they remain completely separate and the result is the bigger realizations and concerns about costs rather than creation of value from the start, not just when profits began to come in. If IT is not clearly use in such environmen
Post a Comment

Company IT policy

An organization can enjoin its stakeholders including but not limited to employees, (investors), vendors and service providers who were authorized and given temporary permission to utilize company owned computers, Internet, information and communications technology-related systems and its associated data for official business purposes only.     

The first paragraph alone for some company is already enough. Most of the time a part of the more authoritative business conduct and/or manual. Some would further state they have full authority to such systems and its data. The devices which comprise of laptops, desktops, smartphones, tablets and telephones, and through them is where numerous datatypes are process, and everything attached and installed onto them. Business and personal data, the source of data which may be from various, interrelated and third-party systems and however they are bound through organization’s systems including data transmission, messaging (cryptographically rendered, SMS, MMS, email and voice mail), office files, classified information such as administrative orders including but not limited to telephone conversation, and whether stored in storage and optical media or not. Everything has to be managed with reference to business conduct, standards and regulation’s mandate which shall be employed at all times.     

Monitoring the overall IT operational capabilities would warrant an organization to constantly and/or randomly review relevant systems, their mechanisms, protocols, practices applied as sanctioned, and information being accessed, their classification and permission attributes and activities that are employed along. Thus, it makes sure that such systems and data conforms to organization’s acceptable practices, which cause to facilitate and support its businesses and activities. Anyone found to abuse these systems and its data directly or indirectly may be subject to disciplinary actions up to the extent termination of employment.     

An IT policy is nothing without anybody being responsible for its regular appraisal. It’s the same thing for administrative orders and IT procedures. And how all of these will be put into context and be executed as a mean to enforce them logically and technically. It can mean that the IT team shall be charged to study, update, test and improve the documents which reflects actions and shall furnish the stakeholders their findings and reports. It may then be used for qualifying the changes required, if any, as per the provisions of IT or business manual and its corresponding policies. And then there is the regular review of the everything IT which can include policies, procedures, operations, future plans, emerging technologies, risk management, staffing and costing. 

This is just the big picture which is the IT itself. Systematic and elaborated policies can be written to consider the very actions being made to run business systems more effectively. Relevant policies may include IT risk policy, which is sometimes being placed under different business unit, IT operations policy, acquisitions, inventory, email use (yes, it is still there), new hire, reorganization and separation, security and privacy, disposal including but limited to adaptation and integration of new business applications. 

Comments

Post a Comment

Popular posts from this blog

Philippine telcos blocking entire SMS text with internet addresses in it

If you are sending SMS texts to your friends, family or colleagues and they contain internet or web address including IP and email addresses, and even a period or dot separating, regardless of, your words and numbers, they are automatically blocked and not going to be received by your waiting recipient. Cooler heads must prevail here especially if an important message is urgently being expected. IP version 6 address is fine. However, an IPv4 including localhost address (given automatically to every computers and network interfaces as their own alone designed for troubleshooting purposes), and your money in the billion figure using dot as separators would be blocked.  If you send "local.business, naman.naman etcetera" or any words that made you use dot in between them, as part of the text, they will be blocked. There are some, that isn't blocked in this category. Like check.iclassed, some.ent, whatever.local etcetera, that is because they do not form any domain name at all
5 comments
Continue Reading

Philippine cyber campaign

Are Philippine institutions being targeted or simply being probed? We don't know for certain. It could be either or both. Whichever comes first? What we can understand, with the success of such attacks, is that they have found their way. Really.   How hard or easy? The attacker knows, but probably, also, those being attacked. Inclination should be there no matter how sophisticated our security systems are. In cybersecurity, we do a very focused job. Making sure we disappoint whoever is trying to gain access to any resource without permission and authority regardless of the environment we are in. What happened is that every asset deemed to have every variant of resource built-in, operating, that makes up the entire system working whatever it is trying to employ, in that case the primary purpose. Meaning, we have to know if we are running our system in a manner that is really secure, provisioned properly during design stage and managed continuously afterwards, post-implementation. No
Post a Comment
Continue Reading

iclassed privacy policy, unbelievable at first sight

Those who, before engaging us and was reading our business conduct, alerts and notices , could not restrain themselves asking, "can you really do your job without keeping any data at all? At the end of the day, you should still be looking at those information and make sure you did, and will, do well. I am expecting a lot from you here, you said so yourself!" Now, that last sentence is so loud. We keep them, not in our premises, but yours. If you've been our clients, you'll know how persistent we are when it comes to the reliability and security of your systems, data and credentials. That's our responsibility, as is made popular by cloud computing, and we don't need to be in a cloud.
Post a Comment
Continue Reading