Securing your online capital

Last week I travelled to Ireland to collect a car. I took a flight from Luton to Dublin which cost me £35, and I reserved a high speed ferry from Dublin to Holyhead.
The night before my trip I remembered I did not have the foggiest idea of how to get from my Winchester home to Luton. Within a couple of minutes I had a full printout of train times via or avoiding London to Luton.
On the day of my journey the postman delivered a book I had ordered a week earlier which had been delivered from the US.
If you have not guessed by now all of these transactions were conducted over the Internet. The airline tickets were purchased via Expedia; ferry tickets with Irish Ferries; train times from Railtrack; and the book from amazon.com.
I was able to arrange my journey at night, outside ‘office hours’. The Internet is just starting to liberate my time in a way I imagine the car did for many when it first hit the streets.
Many factors have swung me around to using the Internet as a purchasing medium, including: its convenience; the bargains you can find; the hype; the incredible amount of information available to help you with purchases; and the personalised nature of sites.
But by far the most influential factor has been my perception of improvements in information security (info sec) technologies, which protect my credit card details while they are being transmitted. The first use of my credit card over the Internet was like being told it is OK to jump out of a burning aircraft because you are wearing a parachute. You would prefer not to jump, but it is necessary if you want to survive.
And so it is with using the Internet. Business-to-business and business-to-consumer transactions are accelerating at an unprecedented rate.
All of these are fuelled by the promise of substantial cost savings, the ease of managing supply chains and distribution channels, the leverage the Internet can provide – particularly in the service industries (such as banking and insurance) – and the new-found trust we seem to be quickly acquiring.
But how do you decide which information assets you need to protect? What technologies exist to protect your information assets and what are the common issues that arise when installing information security solutions?

How to decide which
information assets to protect
Information security is now an issue of strategic importance in many of today’s flat, global and often virtual organisations. Deciding on the best info sec policies, technologies and processes can seem as bewildering as it is critical.
This need not be the case. There are a few straightforward steps a firm can take to make sure its info sec strategy is robust to change, protects the business critical information assets and enables growth.
As a starting point the firm must identify the dynamic success factors (DSF) of its business. The contribution of each DSF to other DSFs and the firm’s business objectives is then established – often during a carefully facilitated workshop. The contribution scores of each DSF provides a framework which helps the decision maker prioritise what is and is not important to the success of the business.
The next stage involves mapping out the information needs of each DSF in terms of its objectives, information outputs and inputs and control information. The use of specialised mapping tools allows areas of information overlap to be quickly identified for all DSFs. By combining these results with the relative importance scores of each DSF, the critical information assets of the business are readily identified.