Thursday, 15 April 2010

Interesting Points from the Roadmap Paper

I was reading the paper "Secure Business Process Management: A Roadmap", and some of the points were really interesting.

First, they had an interesting definition, where they defined the term "Secure Business Process Management" (SBPM) as follows: the management of the whole business process life cycle in conformity with security and dependability objectives: Confidentiality, Integrity, Availability, Reliability, Safety and Maintainability.

The other interesting idea is their explanation that in today's companies security is too important to be reduced to a technical issue. So always remember: "Security is a process and not a product".

So the benefit of security can be defined as the creation of value by granting the operational execution of the corporate strategy by the use of business processes.

Another interesting idea was the difference between Secure BPM and Security Reference Processes.
Secure Business Processes are security-enhanced business processes. Security measures and business processes are modeled in an integrated view. These models are the basis for the execution of the business processes e.g. with workflow systems.
Security Reference Processes are based on established security frameworks such as Cobit or ISO 17799. These processes describe how to reach and keep a defined security level according to the used security framework. Security Reference Processes serve as a basis for valuating the costs of implementing security measures.

Finally, the importance of keeping an eye on and monitoring your security: as they say, newspapers are full of articles about companies being surprised by their business loss due to security breaches, as security problems mostly do not appear without any signs.

---------------
Resource:
Secure Business Process Management: A Roadmap.
Thomas Neubauer, Markus Klemen, Stefan Biffl. 2006
