In-House Standardization of Security Measures: Necessity, Benefits and Realworld Obstructions
The business demands cost reduction, flexible sourcing and customary quality when it comes to getting IT services. Internal and external IT service providers must therefore industrialize their IT production. Industrialization in turn requires standardization of all components in modern IT production. This includes standardizing the security measures that are used to protect the IT service provisioning. Areas and elements are identified that can be standardized. Needs and benefits are described for each. Additionally, this study focuses on real-world obstacles which need to be considered and surmounted in order to secure IT services in an efficient and flexible way. Practical advice is provided to support the standardization of security measures used in-house to protect IT services.
Unable to display preview. Download preview PDF.
- [ISO20000] ISO/IEC 20000 – Information technology – Service management – Part 1: Service management system requirements, Part 2: Guidance on the application of service management systemsGoogle Scholar
- [EFWB13a] Eberhard von Faber and Wolfgang Behnsen: Secure ICT Service Provisioning for Cloud, Mobile and Beyond, A Workable Architectural Approach to Equilibrate Buyers and Providers; Springer Vieweg, 2013, ISBN-978-3-658-00068-4Google Scholar
- [EFWB13b] Eberhard von Faber and Wolfgang Behnsen: A security taxonomy that facilitates protecting an industrial ICT production and how it really provides transparency; in: H. Reimer, N. Pohlmann, W. Schneider (Editors): ISSE2013 – Securing Electronic Business Processes; Springer, ISBN 3-658-03370-5, pp. 87-98Google Scholar
- [EvFWB12] Eberhard von Faber and Wolfgang Behnsen: A Systematic Holistic Approach for Providers to Deliver Secure ICT Services; in: H. Reimer, N. Pohlmann, W. Schneider (Editors): ISSE 2012 – Securing Electronic Business Processes, Springer Vieweg (2012), ISBN: 978-3-658-00332-6, p. 80 – 88Google Scholar