It is clear to say that we are in an era of massive digitisation. Every business knows that digitising their business process is the new norm. Even religious houses are now using online platforms to reach out to their congregation. However, there is a catch here in the midst of these advancement. There is the question of the platform used, there is the question of security, there is the question of in house technical tools and ultimately, the question of auditing the systems used.
Before I explore those four areas, I must state that companies need to build a cyber security framework as they consider building their digital presence. There is a spike in hackers activities this period. And, as such, companies must pay attention, be alert for these intusive attacks and have the process to handle them. Disaster recovery mechanisms —recovery time point and recovery product time—should be consider and marched with the existing company cyber security risk framework (I will talk about this in detail in the future).
Now, back to the four things companies must be pay attention to as they digitise. The question of platform comes with its own perks. Google, zoom, Facebook, just to mention those three, are the go-to-platforms most companies use for their daily meetings. Some companies also use other third party companies to raise tickets and proffer solutions to their customers’ requirements. While this is welcomed, the onus is on the company, to carry out the necessary due diligence to ensure that these third party companies take security and privacy seriously. Companies should be asking questions about the processes. Recently, Zoom was hacked by unscrupulous individuals which destablised a lot of companies. Zoom claimed they had the security systems in place before the hack but it’s obvious they only paid lip service to their customers.
Security is the backbone of any online business. Without online security, a company would be exposed to risks. Imagine a company that decides digitise their process, set up their platform and fail to pay attentiion to security. That sort of company is set to fail. There are many business stakeholders who think saving security for later is the best approach but they often realise too late that that approach portends more danger. Each company needs to look at their system and come up with the best information management security framework.
If the company is financially bouyant and has the capacity to build its own tools, that is even better. That way, the team can focus on building a tight knitted business, pay attention to the security at the inception of building the concept and know how to make corrections when a problem occurs. It is not about building a perfect system, it’s about building a system that can be iterated as needed and developed as necessary. This breeds confidence in the company and customers.
Whether you are building your system, whether you are using a third party app or thinking of using a new tool you need to put into consideration these things. As much as it seems that going digital is the best thing right now, you can’t dismiss the fact that there’s an exposure that needs to be tackled. If your business process really needs to be digitised, ensure that the technical personnels in your team understand the implications.
A failure to put these highlighted things into perspective has lead to devastating effect for big and small companies. In the United States, for example, over 70% of businesses have been hacked immediately they deployed new systems. New systems generally present weaknesses that must be addressed before going to the next phase. It’s important to break these phases into three key areas too: people process and technology.
The people who will manage the systems must understand their role, what they need to do per time and how they need to handle risks when they happen. In a nutshell, without people systems don’t work. They must be trained.
The process in place has to be solid proof. The end-to-end management of the process needs to be put into consideration. What does the process involves? It involves the process map flow of how security will be handled, unpacking embedded complexities in the systems and ensuring that all gaps are analysed and addressed.
And finally, there is the need to talk about the technological stack needed in the business. Technology plays a vital role in any digital process. Ensuring that one has the right technological stack fit for purpose is essential in building a robust digital system.
I have talked about the four pillars of ensuring that your digitalisation process is solid and we’ve covered the three main things to consider when you begin to develop your new process. Above all, I would be remiss if I don’t mention necessities of paying attention to information in your possession. In that light, consideration should govern the management of information in your possession. What is the use of a digitised system when you don’t respect fundamental human rights?
There is no one system that fits all organisations. Institutions are heading towards full digitisation and it would be interesting to see how they handle security, build working systems that pay attention to protecting their customers and how they would react to existing risks.
Frontpage December 14, 2018