Establishment of Enterprise Secured Information Architecture

Establishment of Enterprise Secured Information Architecture

Shyh-Chang Liu (I-Shou University, Taiwan) and Tsang- Hung Wu (I-Shou University, Taiwan)
DOI: 10.4018/978-1-4666-0197-0.ch018
OnDemand PDF Download:
No Current Special Offers


Due to the fast progressing of the Information Technology, the issues of the information security became more important for the industry recently. Since the scopes of the information security are so broad, it hardly can be absolutely safety, not to mention only the limited resources are provided. The possible solution to enhance the security of present IT environment is to plan the safe and sound information flow (includes the strategy flow, risk management flow, and logistic flow) by integrated planning, based on the company integrated operation modes.
Chapter Preview


IT system plays more and more important roles for the industry during the informatization process. It has to be designed from the view of company operation to make the IT technique integrates business activities successfully so that the competition ability can be enhanced. In order to sustain the daily operation, companies establish different kinds of flows to reach both the milestone and long term operation goals. That makes the needs of IT technique increased day by day, so that the ratio of IT investment also increased more. Due to the performance can not be incarnated, either the higher management or the other departments agreed that the IT department is a kind of money wasting unit because the company could not make more profit after investing huge money. Since lacking of good communications and methods, IT department can not reward the appreciations from other departments but complains after spending in time and efforts to help the users to solve the problems in daily activities. Thus some conflicts happened. How to use the limited manpower to achieve the user’s high expectation as well as reduce the budget of IT department becomes the current IT departments’ challenge. Most present companies’ IT security sole depends on security tech instead of the appropriate management code that face the possible destroys such as illegal authentications, computer virus and these destroys may influent over the expectation such as the lost of confident or key operation information. It not only affects the competition ability of the company but also the images. IT security should be established to fit three IT security principals of company that are Confidentiality, Integrity, and Availability. The Confidence is to ensure that each information process as well as the possible tapping (without authorized) places are security examined. The Integrity means the judgment of the information content is original not modified. The Availability is to prevent the crash of service and the operation ability. The information strategy plan will be introduced in the first that information strategy represents the information plan based on the company operation strategy. The information risk management will be illustrated later in this chapter. The recommendation of the logistics flow improvement includes employee’s education/training, information infrastructure adjustment as well as information risk management like Figure 1.

Figure 1.

Enterprise information plan


Complete Chapter List

Search this Book: