Managing Information Security System Technology Changes Across an Enterprise
The goal of information security systems in an enterprise is to make the right information available to the right entities at the right times and in the right formats while ensuring only authorized information flows occur. The standard approach is to purchase a new system to meet current needs. Patc...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
International Institute of Informatics and Cybernetics
2019-06-01
|
| Series: | Journal of Systemics, Cybernetics and Informatics |
| Subjects: | |
| Online Access: | http://www.iiisci.org/Journal/CV$/sci/pdfs/SA380WH19.pdf
|
| _version_ | 1818574314988896256 |
|---|---|
| author | Kevin E. Foltz William R. Simpson |
| author_facet | Kevin E. Foltz William R. Simpson |
| author_sort | Kevin E. Foltz |
| collection | DOAJ |
| description | The goal of information security systems in an enterprise is to make the right information available to the right entities at the right times and in the right formats while ensuring only authorized information flows occur. The standard approach is to purchase a new system to meet current needs. Patches, work-arounds, and added components satisfy the changing future needs while creating an increasingly complex system, and operational capability slowly degrades over time as complexity builds. The system is then rebuilt from the ground up, at great cost and inconvenience, and the cycle repeats. This paper describes an approach for constant change. Instead of building the best system possible based on today's needs, only to replace it in the future, the goal is a system that is capable of evolving toward a better future in a consistent and directed way. This prevents one-off fixes from lingering, and it keeps the distributed decision-making process aligned toward a common enterprise goal. Components not consistent with future goals are identified and scheduled for replacement. Current practices chosen for expedience are assigned expiration dates to prevent them from becoming solidified in the future architecture. The replacement cycle is applied to components of the system instead of the entire system. This stops the cycle of complete replacements by allowing constant change, which reduces overall cost and maintains a more consistent operational capability. |
| first_indexed | 2024-12-15T00:24:57Z |
| format | Article |
| id | doaj.art-78ede5c553f642ad9c0cd68af5c78225 |
| institution | Directory Open Access Journal |
| issn | 1690-4524 |
| language | English |
| last_indexed | 2024-12-15T00:24:57Z |
| publishDate | 2019-06-01 |
| publisher | International Institute of Informatics and Cybernetics |
| record_format | Article |
| series | Journal of Systemics, Cybernetics and Informatics |
| spelling | doaj.art-78ede5c553f642ad9c0cd68af5c782252022-12-21T22:42:12ZengInternational Institute of Informatics and CyberneticsJournal of Systemics, Cybernetics and Informatics1690-45242019-06-011735561Managing Information Security System Technology Changes Across an EnterpriseKevin E. FoltzWilliam R. SimpsonThe goal of information security systems in an enterprise is to make the right information available to the right entities at the right times and in the right formats while ensuring only authorized information flows occur. The standard approach is to purchase a new system to meet current needs. Patches, work-arounds, and added components satisfy the changing future needs while creating an increasingly complex system, and operational capability slowly degrades over time as complexity builds. The system is then rebuilt from the ground up, at great cost and inconvenience, and the cycle repeats. This paper describes an approach for constant change. Instead of building the best system possible based on today's needs, only to replace it in the future, the goal is a system that is capable of evolving toward a better future in a consistent and directed way. This prevents one-off fixes from lingering, and it keeps the distributed decision-making process aligned toward a common enterprise goal. Components not consistent with future goals are identified and scheduled for replacement. Current practices chosen for expedience are assigned expiration dates to prevent them from becoming solidified in the future architecture. The replacement cycle is applied to components of the system instead of the entire system. This stops the cycle of complete replacements by allowing constant change, which reduces overall cost and maintains a more consistent operational capability.http://www.iiisci.org/Journal/CV$/sci/pdfs/SA380WH19.pdf enterprisetechnologyoperational baselineimplementation baselineinformation securitytarget baseline |
| spellingShingle | Kevin E. Foltz William R. Simpson Managing Information Security System Technology Changes Across an Enterprise Journal of Systemics, Cybernetics and Informatics enterprise technology operational baseline implementation baseline information security target baseline |
| title | Managing Information Security System Technology Changes Across an Enterprise |
| title_full | Managing Information Security System Technology Changes Across an Enterprise |
| title_fullStr | Managing Information Security System Technology Changes Across an Enterprise |
| title_full_unstemmed | Managing Information Security System Technology Changes Across an Enterprise |
| title_short | Managing Information Security System Technology Changes Across an Enterprise |
| title_sort | managing information security system technology changes across an enterprise |
| topic | enterprise technology operational baseline implementation baseline information security target baseline |
| url | http://www.iiisci.org/Journal/CV$/sci/pdfs/SA380WH19.pdf
|
| work_keys_str_mv | AT kevinefoltz managinginformationsecuritysystemtechnologychangesacrossanenterprise AT williamrsimpson managinginformationsecuritysystemtechnologychangesacrossanenterprise |