Information sources- research & development operations, Patents, results of product trials, brand strategy records-Information confidentiality is critical
Operations spread across geographies and disparate IT systems- Implementing IT Security initiatives is a major challenge
Work group environment with flat network-Enforcing user compliance with IT policies on workgroup environment is inherently more difficult when compared to Domain based environment
Qadit’s Approach
Benchmark existing IT policy with best practice standard-ISO27001
Carry out risk assessment to determine if IT policies meet business objectives, viz.Information is kept confidential, Information is available when required and Information is reliable
Audit compliance with existing policies
Use tools to assess vulnerability of key IT assets.
Key Findings/Recommendations
Increase awareness in the organization on the need to align IT goals with business objectives
IT should drive user compliance with IT policies and procedures through a centralized approach to security administration
Use of encryption software on e-mails
Segregation of critical networks to prevent unauthorized access
