Published: 04/05/2016 – 12:34:29
The world today is full of systems and applications that record, transfer and create information. All this information is recorded in numerous databases of numerous organizations and accessible to many people in this world out
in the past, it was known that the paper does not transferred easily, but it was, and continues to be susceptible to loss and loss creating problems and constraints to many business processes. The drawbacks, even though they could be many, were more or less controlled, either on a personal level, both in geographical scope.
But today, how could say Lavoisier, but now applied to the information “nothing is lost, everything is transformed, “but contrary to the same Lavoisier, on the contrary” everything creates. ” Man takes on the role of God in creation … of Information!
Now, it’s about this great creation that continually happens, and that amplifies the presence of each other on this planet, we must urgently establish and implement best ways to guarantee their reliability in the most critical business processes for the life of each.
are considered critical process the relationship processes with all state entities, the banking, insurance, as well as all private entities that register referring to health information. These entities register our master data or technical data.
most of the remaining entities does not track this type of information with a high detail but, Furthermore, notes behavioral data, and some of these (eg, locations, times, etc.). may be high level of criticality if not adequately protected
in Portugal, we do not know very well that processes organizations have implemented to ensure the security of data and information, or for human level or at application level and at the level of information maintenance facilities. The audit of information systems is not a normal activity in many organizations. Many never made, which indicates a lot of ignorance about what really goes with the information they maintain. Does this information is not to be “captured” also by competitors? Is she not “carried” daily outside the organization? Backups are being stored reliably?
All of these and many more situations depend on the applications and systems. Does the appropriate safety tests before the start of operations are performed? Do these tests are carried out by independent teams who develop the software? Who certifies the quality of programming? Who ensures that there are no “backdoors”? ….
Security tests are one of the most critical processes throughout the application building process. Despite never being able to guarantee 100% safety, without them we can be in the presence of 0% security. Are business and society aware of this?
José Pedro Gonçalves
Partner, Baker Tilly
No comments:
Post a Comment