|
|
|
01 Oct 2007
Businesses today are becoming ever more interconnected with suppliers, partners, franchises or data auditing systems. The commercial benefits of collaborative partnerships include shared resources, expansion of markets, increased speed to those markets and cost efficiencies. Yet companies rarely consider the impact of partnerships from a security perspective, despite the fact they are often the weakest, and most damaging, link.
Commercial partnerships are based on a high level of trust and cooperation. Partners are commonly required to integrate IT systems to allow for smarter, faster data sharing – often even involving the release of confidential financial, strategic or operational data. But this openness can put companies at unmitigated risk from security practices outside their control.
A recent report from Gartner highlights that businesses which have moved towards collaborative IT systems should rethink their existing ‘trust mechanisms’ for their partners, so that they are cautious when opening up their previously closed networks to external sources such as suppliers, customers and competitors.
New partnerships bring new risks and it is crucial that businesses are either fully joined up in their security strategies or at least have taken serious steps to mitigate the risks. They need to both protect themselves against the threat of any attacks that their partners might expose them to as well as ensure that they themselves aren’t leaking attacks to their associates.
Many – especially smaller – companies rely on third party systems in order to conduct their business. This dependency means that if the IT system of the partner fails, they are reliant on the third party disaster planning. This can be crippling and costly to both current and future customer relationships.
When managing their business relationships, companies need to achieve a fine balance between ensuring the necessary level of security while not jeopardising their ability to do business by clarifying security definitions from the outset.
Regulating risk has never been more important as businesses are being forced to become more transparent due to compliance laws but as firms scramble to adhere, they are at risk of failing to recognise the strategic importance behind sound security checks for partners.
A systematic framework should be devised that allows them to assess security risks, implement controls and manage specific threats. Organisations need to select suitable IT systems and implement partner-wide policies for access control, to create as secure and manageable an infrastructure for the extended enterprise.
So, while business environments continue to expand, not using modern technology links can put businesses at a genuine disadvantage. Yet simultaneously, these partnerships and integrated processes bring with them new threats. In order to balance risk against reward, every company needs to strategically assess the security implications of opening up its IT and information network to other businesses and realise that they are only as ‘secure’ as their weakest link.
In this video find out about the fast-growing Chinese vendor's plans for market domination and how the channel is its route of choice
Find out what gifts Acer has in store for partners for 2012 in this exclusive roundup of its recent conference
CRN's premier networking event is back on 17 May at the Ricoh Arena
Date: Thu 17 May 2012
Channel fighters preparing to square up once more on 24 May
Date: Thu 24 May 2012
The proliferation of endpoint devices within the enterprise has highlighted the shortcomings of one of the traditional approaches to data security
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Dave discovers that rozzers are seemingly living in the technology dark ages
Mark Needham, founder of distributor Widget, argues that John Browett leaves for Apple with Dixons in better shape than when he arrived
|
|
|
Do you agree?
Have your say