Maksim Kabakou - Fotolia

Security Think Tank: Use flexible tech backed by security policy for competitive edge

How can organisations maintain usability and keep support costs low without compromising on security?

The customer is king for every industry. However, for the customer to be king, disciplines such as security, usability and user experience should be queens.

Organisations around the world have the goals of expanding their customer base, amplifying their reach and, at the same time, maintaining the right security posture and risk appetite that minimises potential threats. That balance is not easy, and companies are looking for ways to reduce what it is known as “the exposure factor”.

We as customers want to use our own devices, everywhere and any time, to connect to systems that provide us with services. However, that approach introduces different problems to providers, such as platform diversity, outdated operating systems and erratic user behaviour. Service providers must keep up the promise of being an open, always-on business without compromising on security, assurance, or governance of the enterprise IT.

Help is on the way for providers in the form of automation, configuration management and user behaviour patterns management. There is technology today that can proactively envision the platforms the customer is going to use and adapt the service’s code/app to it. Matching the technology with an organisational approach is crucial. Companies can adopt a technical approach based on three control methods:

  • Detective controls: truly useful when it comes to analyse what happened with a specific transaction in a certain region or population in the world.
  • Corrective controls: that can right a wrong.
  • Preventative controls: these work in the field of knowing what might potentially happen and enable a system or service to embrace a whole new approach, if necessary, for the communication to happen appropriately.

When an organisation has a massive customer base – in the internet era, everything is about volume, a world with no frontiers and a truly global amplified user surface – it should be a high priority to predict what users will like and how consumers might need support. Customer care centres or service desk departments have to embrace technology that can adapt to user needs and adopt protocols, processes and procedures that enhance the experience of being served.

Technology is not a problem for this and the name of the game is proactivity. By using adaptive technology (that uses, for instance, universal coding that can be flexible depending on the device being used), representatives from the entity can be one step ahead of their users and prepare for a potential “request storm”.

Organisations can reduce their physical footprint by leveraging remote technologies to solve an issue in a matter of minutes (sometimes even seconds with proactive technology). All this can, and should, happen, maintaining a security baseline never to be compromised – a configuration set of policies that are obliged for all users and that will prevent a (potentially) unsecured device (that has been hacked or jailbroken) to enter the corporate systems.

Security is at the intersection of technology and user experience, of tools and customer expectations, and it is the obligation of everyone at a company to protect and defend. This will certainly enhance the assurance provided to a customer and will be, in the mid to long run, a competitive advantage and will bring more customers. This is really what every company in the world wants.


Ramsés Gallego is a former board director of Isaca and strategist and evangelist at the office of the CTO at Symantec. ..................................................................................................... .....................................................

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close