In: Operations Management
Information security activities often create tension between the desire of users to engage in a particular activity and the need to secure the information assets of an organization. If business stakeholders and the broader community span the globe, how might this contribute to increasing the potential tension between business users and information security professionals? Discuss a strategy that you would use to reduce or eliminate potential areas of tension or conflict between these two groups within a global organization.
Use of data and information by the
users present in different parts of the world, cause the
information to flow through the insecure environment. It creates
higher scope of theft of information, breach of security and
information hacking. It increases the challenge for the information
security professionals. As a response, these professionals bring
new measures to ensure information security that restricts the free
flow access of the information at the user’s end. As a result, a
tension is created between the business users and the
professionals. Here, business users want maximum access to the
information without any constraints, attracting security issues,
whereas the security professionals work to ensure that no any
breach of security takes place by putting security
infrastructure.
As a strategy, the users of the information, will be put into the
different categories and they will be allotted the different level
of authorization to access the information or data. Besides, the
sensitive information can only be accessed using the authorization
used to the department or the functional head. It will reduce the
number of users who can access the data, but the accessibility is
not inhibited by issuing authorization to senior people in the
organization. It will reduce the conflict and security network will
be robust and sound to prevent any unauthorized access or
threat.
Besides, the data will be categorized so that data for one purpose
is not accessed by the other people who don’t need it. It will also
help to secure the information without inhibiting the control.