InformationWeek
Defining The Business Value Of Technology
February 15, 1999
Security: An E-Biz AssetE-business pacesetters have to be open to customers and partners, but closed to intruders. Here are the different routes that four companies-First Union, E-Trade, Equifax, and Catholic Healthcare West-are taking to arrive at the same safe, secure place.
By Bob Violino and Amy K. Larsen
| Related links: |
|
|
| And from our sister publication: |
|
|
| The four companies: |
|
|
all it the E-business paradox. Companies embracing electronic business must be open and closed
at the same time-open to sharing information with trading partners and customers; closed to
hackers, malcontents, and other intruders. Creating an IT security culture and infrastructure
that straddles this fine line can mark the difference between an E-business pacesetter and a
laggard.The most progressive companies are buying into the notion that airtight IT security can reinforce their forays into E-business, not hamper them. For these companies, IT security is a business value involving the most senior levels of the organization, not just another operational detail.
"Security is at the foundation of everything we do," says Kathy Levinson, president and chief operating officer of online brokerage E-Trade Group Inc., which considers its nearly obsessive approach to security a way to attract and keep customers. "It's part of our management structure, product development process, marketing, partnerships. If companies that use the Internet for business can't convince their customers and partners that information is secure, then the whole idea of E-commerce is at risk."
If those at the top of the organization are security-minded, a security culture will permeate, notes Gartner Group Inc. analyst William Malik. "If the boss is not willing to take the lead on security, then the company is in trouble," Malik says. "It's great when CEOs say, 'I need a 15-minute update on our information security first thing on Monday morning.' That gives security chiefs a powerful hammer to get things done."
A more businesslike approach to security, in which the development of policies and the purchase of tools is viewed as an investment that will yield returns, should become the norm as E-business accelerates. For instance, First Union Corp. executives think so highly of IT security that it's the first thing they consider as part of merger and acquisition due diligence. "Normally in a merger, the first ones there are the finance people," says Peter Browne, First Union's senior VP of information security. "But before they even talk to each other, we're doing a security review."
There's no question that E-business is big business. Forrester Research projects that U.S. business-to-consumer sales on the Web will increase to $18.1 billion this year from $7.8 billion in 1998, and business-to-business sales will jump to $109 billion from $43 billion.
To bolster and protect that planned growth, IT security is becoming a top priority. In a survey of 300 IT executives by InformationWeek Research, 84% of respondents said network security technologies, products, and services are on their project lists for 1999. This placed security near the top of their IT agendas, beating year 2000 conversion and testing, Web server software, data ware- housing and mining, E-commerce software, enterprise resource planning applications, and other strategic areas.
As business thinking about IT security gets more sophisticated, so do the products. There's a wider-than-ever assortment of tools that go beyond standard firewalls and user passwords. Some of those tools-such as digital certificates and intrusion-detection systems-show particular promise (see sidebar story, "More Options For Tighter Security").
The most progressive companies are taking a holistic approach to security, combining the latest tools and tactics with an emphasis on security as a key enabler of E-business. "Business has to understand security is not just paranoia," says Bruce Murphy, partner and national director of technology risk services for PricewaterhouseCoopers. "It's a lot easier to spend a little up front on security than to get burned on the back end."
While most companies are loathe to reveal specific details about their IT security
infrastructures-for fear of tipping off competitors or goading hackers-the following
security-conscious companies give some insights into their tactics and long-term strategies.
First Union: Rigorous Standards
E-Trade: An Absolute Priority
Equifax: Who Goes There?
Catholic Healthcare West: Healthy Security
Back to This Week's Issue
Send Us Your Feedback
Top of the Page
Cirrus Logic seeking Digital IC Design Engr in Austin, TX
Hebrew SeniorLife seeking Senior Network Analyst in Boston, MA
Agilent seeking NPI Project Manager in Shanghai, CN
UC Berkeley seeking Helpdesk Team Lead in Berkeley, CA
Rohm and Haas seeking Product Portfolio Manager in Philadelphia, PA
For more great jobs, career-related news, features and services, please visit our Career Center.
Today's Top News
- Radical Desktops Deliver Power To The People. But What About IT?
- Need Disaster Recovery On The Cheap? Think Virtualization
- No Virtualizing Without A License
- Smart Stuff: The State Of Business Intelligence 2008
- Down To Business: Are Technology Leaders Focusing Too Much On The Small Stuff?
- Rolling Review Wrap-Up: Vendors' RFP Responses Make The Case For Switching
