E‐enterprise security management life cycle
| Autor: | H. Joseph Wen, Stephen C. Shih |
|---|---|
| Rok vydání: | 2005 |
| Předmět: |
Operations research
Computer science Supply chain Standard of Good Practice Control (management) Library and Information Sciences Management Science and Operations Research Computer security model Security information and event management Management Information Systems ITIL security management Risk analysis (engineering) Software security assurance Security management Business and International Management |
| Zdroj: | Information Management & Computer Security. 13:121-134 |
| ISSN: | 0968-5227 |
| Popis: | PurposeOne of the purposes of this paper is to discuss special security concerns and new challenges at front‐end e‐business and back‐end supply chain operations. An e‐enterprise security management life cycle (eSMLC) is then proposed to ensure the unification and congruity of e‐enterprise security management.Design/methodology/approachTo demonstrate the practicality of the eSMLC, a case study is presented to depict the application and implementation of the methodology at a leading US heating, ventilating, and air‐conditioning manufacturing company.FindingsThe case study substantiates that the eSMLC methodology can be employed as a unified mechanism to provide central, cohesive control and global visibility. It helps security professionals in the company develop practical steps and sustainable solutions for tackling the unique security challenges arising in an open, unbounded e‐enterprise environment.Practical implicationsImplementing eSMLC can help the security specialists focus on different critical security management jobs in a sequential but interrelated and logical manner. Through the use of eSMLC, in‐depth understanding of the potential environmental risks can be properly acquired. The methodology also helps managers perform a proactive analysis of the consequences of security breaches in relation to risks.Originality/valueThe proposed eSMLC methodology provides a viable foundation for building a secure and manageable computing environment using a recommended set of solutions, processes, procedures, and technologies. eSMLC methodology renders a unified, structured framework which helps develop an actual security plan and solutions and/or improve currently used security standards, practices, and configurations in response to special security requirements and long‐term e‐business needs. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|