Information Security

Information has always been valuable and those that have it are “king” in the cut- throat business world of today. Over the last two decades we have seen technology take a leading and ever advancing role in how we use, access and store information or data. It has also massively increased our ability to use information to establish competitive advantage. Information security was largely misunderstood, under valued and insignificant in the early days in the race for acquisition and use of data. As security started to develop a business place in the corporate world, initial protective strategies concentrated on physical assets such as property, personnel, product or manufacturing infrastructure. Then came the computer revolution and 30 years on we need to incorporate risk assessment to logical assets. Data is not just simply stored on a single computer either, but also made accessible to employees, customers and business partners. It is transmitted around the world and stored in many different locations within the modern and highly competitive commercial world. The “security landscape” then has changed remarkably and no doubt will keep on changing in the future. SSR® Executive Partners provide much needed audit, review and advice to our diverse client base. We have, through our partners, the experience to deliver not just short-term interim expertise (contract / temp resourcing), but also the capability to consult with clients on specific security issues raised through the internal audit process or external reviews. Our partners have been selected for their particular expertise, reputation and common shared beliefs with SSR® Personnel. In principle SSR® Executive Partners are concerned with maintaining appropriate controls based on the requirements and security status of the information / data in question. Reliability or integrity of the information / data being most important. Finally, availability of information i.e. “the business end” of the dataflow process. The common acronym for this approach is CIA (confidentiality, integrity and availability). To enable an organisation to achieve a robust information security stance SSR® Executive Partners believe it is essential that security policies and procedures reflect standards such as ISO27001. Whether your organisation aspires to accreditation or simply wishes to achieve the baseline standard, we have the expertise in place to assist in the development of processes, culture and awareness to tackle what is arguably a pain process if not approached correctly and with the right support. All personnel within an organisation are responsible for security, but this is rarely understood or embraced. Put quite simply “a chain is only as strong as it’s weakest link”. It is inevitable that employees will find it far too tempting to do things in their own way to save time because it seems like a good way to do things. Before you know it data is being stored incorrectly and becomes accessible to those who are not authorised, and this can have disastrous consequences to an organisation’s reputation in cases of breaches in Data Protection Act compliance. SSR® Executive Partners strive to ensure that security is considered throughout all stages of a system’s life cycle, from design to development through to implementation. Our security experts can work with system analysts, architects and programmers helping them to understand the information security issues and techniques that are vital to their work. Specific areas where SSR® Executive Partners can help are: · Logical Access Controls · Network Level & Domain Security · Application Security · Remote Access · Security Analysis & Review · Standards & Accreditation Support