Anne Stuart’s BPM in Action

Michael Dortch

BPM Back to Basics: Minimizing Risk and Maximizing Security (Part the Second)

user-pic
By Michael Dortch on October 12, 2007 9:10 AM 0 Vote 0 Votes

When it comes to risk and security management for BPM and more broadly, users represent both the greatest allies and the largest potential problems. After all, if a business can convince its users that it’s in those users’ best interests to contribute to maximizing security and minimizing risk, everybody wins (except the bad guys.) But this is much easier said than done.

Of course, this is really yet another process problem. Said problem has historically been is exacerbated by solutions and policies that come across more like “Big Brother� than like aids to greater user flexibility and productivity. However, users find themselves increasingly surrounded by and reliant upon technologies to do their jobs (and live their lives outside of work). As this trend continues, they become more receptive to being engaged in the protection and security of the resources they use.

So, how best to take advantage of this? Well, some useful steps include informing users of the risks at which they can place corporate intellectual property out of ignorance or lack of attention. (Remember bringing in that file your kid downloaded I mentioned previously?) Another set of useful steps might focus on communicating regularly to users that protection of corporate information is in their own personal, selfish interests. When information isn’t at risk, it’s more available, accessible, and trustworthy, which makes those using it more productive.

It can also help tremendously if those responsible for managing and overseeing the processes affecting information protection and security communicate more regularly with users. Such communications can combine summaries of relevant external and internal news and events with specific recommendations and tips, all intended to increase user awareness. A weekly e-mail, periodic posts on the company intranet, sessions at company meetings – all of these present opportunities to “market� and “sell� information protection processes.

There are a wide range of tools that can help address the security challenge as well. More to come…

Categories: ,
More Articles:

« BPM Back to Basics: Minimizing Risk and Maximizing Security (Part the First) | Main | When Business Processes Fail: Citigroup, Merrill Lynch, and Yahoo! »

Leave a comment

Recent posts from our Blogs

Business process management and optimization -- philosophies, policies, practices, and punditry.

Anne Stuart

Anne Stuart, site editor for ebizQ, is a veteran journalist who has written for national magazines, daily newspapers, an international news service and many Web sites. She’s specialized in covering business and technology issues since 1993, holding senior editorial positions at CIO, Inc., WebMaster and Redmond Channel Partner magazines, and freelancing for many other print and online publications. Previously, she was an editor and reporter for The Associated Press and several daily newspapers. Based near Boston, she can be reached at astuart@techtarget.com.

Recently Commented On

Monthly Archives

Blogs

ADVERTISEMENT