Article: Enterprise Security, 2006. IT RIsk Management: An Essential Strategy for Business Success, USA, pp 4
IT risk management involves two complementary components:
- security
- availability
Information is worthless, and even be a liability, if it's not secure. Secure information is useless if it can't be efficiently stored and readily accessed.
Unlearn
Did not realize the importance of information security in office. There is risk involves if information are not secured properly.
Relearn
To mitigate the risk and improve on the current business risk and impact on IT, below are my suggestions on how IT or Pfizer can adopt:
- Tight customer data control particularly during data maintenance exercise, to prevent sales reps from copying the data
- Firewall and VPN to ensure only authorized devices are allowed to connect to the network and access to all applications
- Implement company wide Information Protection Plans whereby each user has their own password to access the necessary informations.
1 comment:
A fair suggestion for Pfizer. Are you passing this to the IT department ?
Post a Comment