lt
Quick Facts

Introduction to Viruses

  1. What is a computer virus?
  2. What kind of files can spread viruses?
  3. How do viruses spread?
  4. What do viruses do to computers?
  5. Virus Hoaxes

The Importance of Back Ups

Defining the Value of Information Security

Artistic Value

It's the Principle that Counts

Value Squared

Reaching the CEO's

They Just Want to Run Their Business

lt
lt
Value Squared

CEO's know that a good business value works into the gestalt of the business system. We all know that by focusing on employee morale, we increase customer service, and thus profitability. By increasing profitability, we create more resources for customer service and employee morale.

To increase the value of Information Security, show the CEO that security IS a sound business fundamental. One great way to do that is to preach the connectivity between principles. On-line banking isn't going to work if the customer doesn't feel secure. Preach the value of security, and the fact that plain-text e-mail is NOT secure, and on-line banking succeeds!

Employee morale improves substantially if the CEO, cultivated with the artistic values of information security, openly marvels about the ironic relationship between information security and big brother, and the delicate balance between protecting the company and encouraging creativity in the workplace.

Or take that video store chain who, because Information Security has reached the business strategy, processes customer complaints about R-rated movies into a parent-code program designed to allow customers the proactive choice as to what rated movies their children can rent.

Or the retailer who recognizes that making eye-contact in a greeting reduces shoplifting. Is this a security action or a customer service initiative?

Compare this approach with that of the CEO that buys, instead of buys into, security. This CEO has employees asking how can users be expected to follow the computing policy when the top person in the company senselessly forwards all those jokes? The CEO who, buying into technology, explains to customers that forwarding jokes to him is compromising security, gains customers who feel safe doing business with his company.

And let's not forget the relationship between security best practices and quality. A company that recognizes the value of standardization and best practices profits more than the company who shoots from the hip. If documenting ISO compliance and non-conformity to the tenth degree is a best practice that CEO's are willing to buy into, effective passwords can surely make the strategic agenda.

When the CEO buys into security as a best practice, HR people begin sending messages reminding people to change the password on their voice mail, the marketing department begins watermarking their hard-earned collateral, middle management begins sharing security tips at their networking meetings, and the remote sales force realizes that Big Brother is necessary so they can work from home, over the VPN.

From: Indiana Information Security Web - http://www.iisw.cerias.purdue.edu/business_industry/defining_value.php

lt