[ISN] NOVELL: Poor information management threatens ...

From: mea culpa (jerichoat_private)
Date: Fri Nov 06 1998 - 01:23:45 PST

  • Next message: mea culpa: "Re: [ISN] Wanted: Computer hackers to test the latest technology!"

    Forwarded From: Nicholas Charles Brawn <ncb05at_private>
    NOVELL: Poor information management threatens ...
    06-11-1998 03:20 
     NOV 5, 1998, M2 Communications - NOVELL, UK -- Businesses that recognise
    information as their chief asset and manage and protect it properly will
    be the winners of the Information Age. Furthermore, failure to protect
    information appropriately could cost an organisation dearly, claims Novell
    in a report launched today in the UK entitled:  "Electronic Confidence: 
    Doing Business in the 21st Century". 
       The report by Novell, the world's leading network software provider,
    with Kroll Associates, the corporate risk mitigation consultants, aims to
    help European business leaders understand the issues of information
    security inherent in the Information Age, to enable them to capitalise on
    the opportunities offered by Electronic Business.
       The report identifies information, rather than raw materials or
    capital, as the most valuable corporate asset in the modern electronic
    age. It clearly illustrates that protection of that asset and secure
    information management are vital challenges facing businesses of all
    sizes. A challenge only made more critical as businesses connect to the
    World Wide Web and extend their organisations to the Internet, which
    remains, largely, an unknown quantity.
       The report addresses the 'Information Age Paradox'; how can
    corporations make their most important asset (information) flow freely to
    all relevant parties, while at the same time protecting its value by
    ensuring it is correct, contemporary and relevant, and does not fall into
    the wrong hands?
       It suggests that its resolution is a methodical, enterprise-wide
    approach to information security, designed to allow organisations to
    extract maximum value from their information, and allow it to be traded
    electronically - without risking its integrity.
       Andrew Sadler-Smith, managing director, Novell UK comments: "With the
    growth of Internet-led business opportunities, the need to resolve the
    security conundrum is of increasing importance to enable organisations to
    make the most of such technologies - without putting their valuable assets
    at risk."
       Report author Dennis Willetts, director of information security at
    Kroll Associates commented: "Failure to implement even a basic approach to
    information security could jeopardise an organisation's most important
    asset, information. At Kroll Associates, we often see the costly
    consequences that this neglect can produce".
              Threats to information
       Several categories of potential threats to information are highlighted. 
    These should be anticipated and evaluated by business managers before a
    security policy can be reached:  external threats;  hackers, fraudsters or
    'cyber-warriors' who are responsible for electronic 'break-ins' which may
    result in the stealing or unauthorised manipulation of information
    internal threats;  accidental, malicious or careless acts committed by
    employees that threaten information acts of god; uncontrollable natural
    disasters such as fire that can destroy electronic systems others; such as
    computer viruses and Year 2000
              Information security management 
       The report then outlines how to build an enterprise-wide, information
    security management model based on these potential threats - and stresses
    the vital importance of assigning board-level responsibility for managing
       "The Boardroom is waking up to the fact that information, rather than
    raw materials or capital, is now the most valuable corporate asset,"
    comments Dennis Willetts. "An information security management model needs
    to be created which takes an holistic view of security, assessing and
    countering threats wherever they arise across the enterprise. This
    includes staff education, which should be repeated at regular intervals to
    reinforce the security message."
       Technology tools can provide a solution to information management
    issues - for example, by identifying access points and all potential users
    of a system. However, Andrew Sadler-Smith stresses that without education,
    such management tools may not be enough: "Sophisticated technology can
    only be truly effective if staff are trained in its use". 
              A security checklist 
       In the report, Kroll Associates defines the essential points that an
    organisation should review before it can conduct Electronic Business with
    confidence:  Identify the systems and its boundaries Identify critical
    information at risk Decide what level of vulnerability is acceptable
    Choose the control objectives Select the appropriate information security
    controls Devise a complementary security training and awareness programme
    Implement under a quality management system Collate evidence of effective
    implementation Carry out periodic checks
       Andrew Sadler-Smith concludes: "There are several key issues that all
    organisations need to address before they can make the most of
    opportunities afforded by Internet-led technology and achieve Electronic
              About Novell 
       Founded in 1983, Novell (NASDAQ: NOVL) is the world's leading provider
    of network software. The company offers a wide range of network solutions
    for distributed network, Internet/intranet and small-business markets, as
    well as the network computing industry's most comprehensive education and
    technical support programmes.  Information about Novell and its complete
    range of products and services can be accessed on the World Wide Web at
       UK Web site is at http://www.novell.com/uk/ 
              About Kroll Associates 
       Since 1972 Kroll associates has been the world's market leader in
    providing to help clients evaluate risks, realise opportunities and
    resolve problems. Kroll's staff are specialists in defining investigative
    assignments, gathering information and providing advice.
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:10:18 PDT