Infrastructure Development for e-system

IT Security

Information systems collets, process, stores, analyses and disseminate information for a specific purpose, when it related to digital economy that system bases on digital technologies. IT security broadly refers to protection of information and other digital assets, communication networks, traditional and e-commerce business operations to assures their integrity, availability and authorized use and to defend against financial loss and liability furthermore IT security failures have direct impact on business and it is so integral to business objectives that it can no longer be treated as standalone function thus IT Security is an un avoidable area that we must believe as heart of management involvement with IS/IT.

Hardware , software and communication are three main portion of information system and e- business information systems are computer applications that use the Internet technology, its universal connectivity and the capabilities of the web browser to integrate business process within and beyond enterprise. According to the (Turban, 2008) digital economy is Internet economy, the new economy or the web economy. As a result of this e-business and digital economy facility it allows transaction to be conducted in an integrated and enlarge information space by removing constrains imposed by diverse computer platforms, networks and applications as well as eliminating geographical boundaries.

When technology become more and more advanced the main issue is its safety because protection possibility also increases inversely. Information systems security means safeguard all three components (Hardware, software, communication) and protection information from unauthorised access, use, disclose, disruption, modification or destruction. On the other hand information security is a business problem that can be assessed with the same analytic methods that used for other business related risk and consequences. In other words secured information systems have qualities of security component such as confidentiality, integrity and availability (CIA).

Trcek (2006) has suggested ISs security and privacy management is an umbrella process consisting of planning, organizing, executing and supervising with corrective actions – these are the classical management functions according to Henri Fayol. And also he suggested  IS, IT security and privacy management binds together an organization’s objectives and strategies, the establishment of an appropriate organization structure, the source of security policy, its implementation and validation, its execution and compliance checking, together with adjustment, including reaction to incident and handling of these incidents. Further more all IT techniques and strategies enable business decision markers to tackle information security policy even if they do not know very much about the technology. According to all those factors when selecting appropriate manager who is responsible for IS/IT is not a easy task because in this case their skills, knowledge, experience have to be consider and examine thoroughly.  

IT security manager responsible for the planning, design and audig of security policies and procedures which safeguard the integrity of and access to systems and electronic information in order to guard information against accidental or unauthorized modification, destruction, or disclosure. To fulfil above mentioned responsibilities the manger should be able to identifies and develops area where information security policies and procedures require creation or updates, confers with management, developers, auditors, plan security for data, software applications, hardware, telecommunication and computer installation, prepare risk assessment and security briefing related issues, manage IT security awareness programs and activates and  create security policies. The successful managers should have knowledge of risk assessment procedures, policy formation, authentication technologies, security arrack pathologies, application level security and security programme development or management furthermore desired skills are project management skills, interpersonal skills, leadership skills, problem solving and analytical skills, oral and written communication skills.

References :

Trcel, D. (2006), Managing Information Systems Security and Privacy. Birkhauser.

Turban, E, Leindner, D, McLean, E, & Wetherbe, J 2008, Information Technology for management: Transforming business in the digital ecomony, 6^th den, John Wiley & Sons, NY.